firefox vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Cross-site Scripting (XSS)

*
  • H
Asymmetric Resource Consumption (Amplification)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Inefficient Regular Expression Complexity

*
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Exposure of System Data to an Unauthorized Control Sphere

*
  • H
Buffer Overflow

*
  • L
Improperly Implemented Security Check for Standard

*
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Missing Authorization

*
  • M
Out-of-bounds Write

*
  • H
Incorrect Type Conversion or Cast

*
  • M
Cross-site Scripting (XSS)

*
  • M
Missing Required Cryptographic Step

*
  • H
Out-of-bounds Write

*
  • H
Use of Uninitialized Resource

*
  • L
Cleartext Transmission of Sensitive Information

*
  • H
Out-of-bounds Read

*
  • H
CVE-2024-7518

*
  • H
Improper Privilege Management

*
  • H
Use After Free

*
  • H
Cross-site Scripting (XSS)

*
  • M
CVE-2024-7529

*
  • M
Missing Required Cryptographic Step

*
  • H
Use After Free

*
  • H
Use After Free

*
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Missing Required Cryptographic Step

*
  • M
Out-of-Bounds

*
  • H
Buffer Overflow

*
  • M
Out-of-Bounds

*
  • M
Improper Preservation of Permissions

*
  • H
Use After Free

*
  • M
Covert Timing Channel

*
  • M
Improper Access Control

*
  • H
Use After Free

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • H
Buffer Overflow

*
  • M
Improper Validation of Specified Type of Input

*
  • H
Improper Validation of Syntactic Correctness of Input

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Improper Cross-boundary Removal of Sensitive Data

*
  • M
Inefficient Regular Expression Complexity

*
  • H
Improper Check for Unusual or Exceptional Conditions

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Use After Free

*
  • M
Buffer Overflow

*
  • M
Excessive Platform Resource Consumption within a Loop

*
  • L
Resource Exhaustion

*
  • H
Use After Free

*
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Product UI does not Warn User of Unsafe Actions

*
  • H
Out-of-bounds Read

*
  • H
Buffer Overflow

*
  • M
Integer Overflow or Wraparound

*
  • M
Use After Free

*
  • C
Arbitrary Code Injection

*
  • H
Directory Traversal

*
  • H
Register Interface Allows Software Access to Sensitive Data or Security Settings

*
  • H
Buffer Overflow

*
  • H
Integer Overflow or Wraparound

*
  • M
The UI Performs the Wrong Action

*
  • M
Cross-site Scripting (XSS)

*
  • M
Use After Free

*
  • H
CVE-2024-2616

*
  • M
Information Exposure

*
  • M
Arbitrary Code Injection

*
  • H
The UI Performs the Wrong Action

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Out-of-bounds Read

*
  • H
Buffer Overflow

*
  • L
Incorrect Conversion between Numeric Types

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
The UI Performs the Wrong Action

*
  • M
Inadequate Encryption Strength

*
  • M
Improper Input Validation

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Resource Exhaustion

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Improper Input Validation

*
  • H
Unchecked Return Value

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Out-of-bounds Write

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Buffer Overflow

*
  • M
Information Exposure

*
  • M
Use After Free

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Use of Uninitialized Resource

*
  • M
Heap-based Buffer Overflow

*
  • M
Improper Input Validation

*
  • H
Buffer Overflow

*
  • M
Use After Free

*
  • M
Heap-based Buffer Overflow

*
  • L
Improper Input Validation

*
  • M
Race Condition

*
  • H
Heap-based Buffer Overflow

*
  • H
Use After Free

*
  • H
Out-of-bounds Read

*
  • M
Directory Traversal

*
  • H
Use After Free

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Buffer Overflow

*
  • H
Improper Verification of Cryptographic Signature

*
  • H
Buffer Overflow

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Product UI does not Warn User of Unsafe Actions

*
  • M
Multiple Interpretations of UI Input

*
  • M
Open Redirect

*
  • M
Memory Leak

*
  • H
Buffer Overflow

*
  • H
Use After Free

*
  • H
Out-of-bounds Write

*
  • H
Heap-based Buffer Overflow

*
  • H
Resource Exhaustion

*
  • M
Information Exposure

*
  • H
Use After Free

*
  • M
Compilation with Insufficient Warnings or Errors

*
  • H
Use After Free

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • M
Out-of-Bounds

*
  • H
Buffer Overflow

*
  • L
Incorrect Behavior Order: Early Validation

*
  • M
Authentication Bypass

*
  • M
Authentication Bypass

*
  • L
Reliance on Cookies without Validation and Integrity Checking in a Security Decision

*
  • H
Buffer Overflow

*
  • H
Improper Handling of Insufficient Permissions or Privileges

*
  • H
Race Condition

*
  • H
Out-of-bounds Read

*
  • H
Improper Input Validation

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Authentication Bypass

*
  • H
Use After Free

*
  • M
Compilation with Insufficient Warnings or Errors

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • M
Arbitrary Code Injection

*
  • M
Resource Exhaustion

*
  • H
Buffer Overflow

*
  • H
The UI Performs the Wrong Action

*
  • M
Resource Exhaustion

*
  • H
Buffer Overflow

*
  • H
Improper Handling of Insufficient Permissions or Privileges

*
  • H
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Use of Uninitialized Variable

*
  • H
Out-of-bounds Read

*
  • M
Insufficient Verification of Data Authenticity

*
  • M
Resource Exhaustion

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Double Free

*
  • L
Incorrect Calculation

*
  • H
Direct Request ('Forced Browsing')

*
  • M
Failure to Sanitize Special Element

*
  • M
Unrestricted Upload of File with Dangerous Type

*
  • H
Buffer Overflow

*
  • H
Reachable Assertion

*
  • H
Out-of-Bounds

*
  • M
Out-of-Bounds

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Incorrect Type Conversion or Cast

*
  • M
Out-of-bounds Read

*
  • H
Buffer Overflow

*
  • H
Arbitrary Code Injection

*
  • H
Improper Input Validation

*
  • H
Use After Free

*
  • L
Improper Handling of Alternate Encoding

*
  • H
Insufficient UI Warning of Dangerous Operations

*
  • H
Buffer Overflow

*
  • M
Cross-site Scripting (XSS)

*
  • H
Use After Free

*
  • H
Incorrect Type Conversion or Cast

*
  • H
Incorrect Synchronization

*
  • M
Out-of-bounds Write

*
  • H
Buffer Overflow

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Buffer Overflow

*
  • M
CVE-2023-23602

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • L
Incorrect Regular Expression

*
  • M
Arbitrary Command Injection

*
  • H
Use of Unmaintained Third Party Components

*
  • H
Multiple Interpretations of UI Input

*
  • L
Insufficient UI Warning of Dangerous Operations

*
  • H
Buffer Overflow

*
  • H
Out-of-Bounds

*
  • H
Out-of-bounds Read

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Resource Exhaustion

*
  • M
Truncation of Security-relevant Information

*
  • H
Out-of-Bounds

*
  • M
Use After Free

*
  • H
Buffer Overflow

*
  • H
Use After Free

*
  • H
Information Exposure

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Information Exposure

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Information Exposure

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Sensitive Cookie with Improper SameSite Attribute

*
  • L
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Use After Free

*
  • H
Use After Free

*
  • M
Cross-site Scripting (XSS)

*
  • M
Incorrect Regular Expression

*
  • M
Resource Exhaustion

*
  • M
Buffer Overflow

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

*
  • H
Buffer Overflow

*
  • M
Inefficient Regular Expression Complexity

*
  • H
Buffer Overflow

*
  • H
Use After Free

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • L
Improper Handling of Inconsistent Structural Elements

*
  • L
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Reliance on Cookies without Validation and Integrity Checking in a Security Decision

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Buffer Overflow

*
  • H
Product UI does not Warn User of Unsafe Actions

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Buffer Overflow

*
  • L
Use After Free

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Cross-site Scripting (XSS)

*
  • H
Buffer Overflow

*
  • M
Return of Wrong Status Code

*
  • M
Integer Overflow or Wraparound

*
  • H
Buffer Overflow

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Cross-site Scripting (XSS)

*
  • H
Use After Free

*
  • M
Open Redirect

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • H
Buffer Overflow

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Use of Uninitialized Variable

*
  • H
Buffer Overflow

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

*
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Resource Exhaustion

*
  • H
Buffer Overflow

*
  • H
Exposure of System Data to an Unauthorized Control Sphere

*
  • M
Reliance on Cookies without Validation and Integrity Checking

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Improper Preservation of Permissions

*
  • L
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Out-of-bounds Write

*
  • M
Out-of-bounds Read

*
  • H
Buffer Overflow

*
  • M
Use After Free

*
  • L
Resource Exhaustion

*
  • M
Use After Free

*
  • H
Use After Free

*
  • H
Time-of-check Time-of-use (TOCTOU)

*
  • L
Improper Preservation of Permissions

*
  • H
The UI Performs the Wrong Action

*
  • H
Use After Free

*
  • H
Incorrect Behavior Order: Early Validation

*
  • C
Use After Free

*
  • C
Use After Free

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Arbitrary Code Injection

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Incorrect Calculation

*
  • M
Integer Overflow or Wraparound

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • L
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • L
NULL Pointer Dereference

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • H
Use After Free

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Cross-site Scripting (XSS)

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • H
Buffer Overflow

*
  • M
Unquoted Search Path or Element

*
  • L
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Information Exposure

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Use After Free

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Arbitrary Command Injection

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

*
  • H
Inappropriate Encoding for Output Context

*
  • H
Incorrect Permission Assignment for Critical Resource

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • M
Use After Free

*
  • M
Information Exposure

*
  • M
Out-of-Bounds

*
  • H
Buffer Overflow

*
  • H
Cross-site Scripting (XSS)

*
  • H
Out-of-Bounds

*
  • H
Time-of-check Time-of-use (TOCTOU)

*
  • M
Use After Free

*
  • H
Use of Uninitialized Resource

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • C
Use After Free

<0:60.5.0-2.el6
  • C
Use After Free

<0:60.4.0-1.el6
  • C
Buffer Overflow

<0:60.5.0-2.el6
  • C
Improper Authentication

<0:60.5.0-2.el6
  • C
Buffer Overflow

<0:60.4.0-1.el6
  • C
Out-of-bounds Read

<0:60.4.0-1.el6
  • C
Integer Overflow or Wraparound

<0:60.4.0-1.el6
  • C
Buffer Overflow

<0:60.4.0-1.el6
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.4.0-1.el6
  • M
Buffer Overflow

*
  • C
Buffer Overflow

<0:60.3.0-1.el6
  • C
Buffer Overflow

<0:60.3.0-1.el6
  • C
Improper Access Control

<0:60.3.0-1.el6
  • C
Missing Authorization

<0:60.3.0-1.el6
  • M
Improper Input Validation

<0:60.2.1-1.el6
  • C
Information Exposure

<0:60.2.0-1.el6
  • C
Integer Overflow or Wraparound

<0:60.3.0-1.el6
  • C
Out-of-bounds Read

<0:60.2.2-1.el6
  • C
Improper Access Control

<0:60.3.0-1.el6
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.2.2-1.el6
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.2.0-1.el6
  • C
Out-of-bounds Write

<0:60.2.0-1.el6
  • C
Buffer Overflow

<0:60.2.0-1.el6
  • C
Use After Free

<0:60.2.0-1.el6
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.1.0-5.el6
  • C
Race Condition

<0:60.3.0-1.el6
  • C
Out-of-bounds Write

<0:60.1.0-5.el6
  • C
Buffer Overflow

<0:60.1.0-5.el6
  • C
Files or Directories Accessible to External Parties

<0:60.1.0-5.el6
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:52.8.0-1.el6_9
  • C
Use After Free

<0:52.8.0-1.el6_9
  • C
Authentication Bypass

<0:60.1.0-5.el6
  • C
Buffer Overflow

<0:60.1.0-5.el6
  • C
Buffer Overflow

<0:60.1.0-5.el6
  • C
Use After Free

<0:60.2.0-1.el6
  • C
Use After Free

<0:60.1.0-5.el6
  • C
Eval Injection

<0:52.8.0-1.el6_9
  • C
Buffer Overflow

<0:52.8.0-1.el6_9
  • C
Use After Free

<0:52.8.0-1.el6_9
  • C
Integer Overflow or Wraparound

<0:60.1.0-5.el6
  • C
Out-of-bounds Read

<0:60.1.0-5.el6
  • C
Use After Free

<0:60.1.0-5.el6
  • H
Use After Free

<0:52.7.3-1.el6_9
  • C
Buffer Overflow

<0:52.8.0-1.el6_9
  • C
Buffer Overflow

<0:52.8.0-1.el6_9
  • C
Integer Overflow or Wraparound

<0:52.8.0-1.el6_9
  • C
Missing Authorization

<0:52.8.0-1.el6_9
  • C
Buffer Overflow

<0:52.7.0-1.el6_9
  • C
CVE-2014-1518

<0:24.5.0-1.el6_5
  • C
Buffer Overflow

<0:24.5.0-1.el6_5
  • C
Use After Free

<0:24.5.0-1.el6_5
  • C
Improper Cross-boundary Removal of Sensitive Data

<0:52.7.0-1.el6_9
  • C
Cross-site Scripting (XSS)

<0:24.5.0-1.el6_5
  • C
Integer Overflow or Wraparound

<0:52.7.0-1.el6_9
  • C
Use After Free

<0:24.5.0-1.el6_5
  • C
Buffer Overflow

<0:52.7.0-1.el6_9
  • C
Out-of-bounds Read

<0:24.5.0-1.el6_5
  • C
Improper Privilege Management

<0:24.5.0-1.el6_5
  • C
Heap-based Buffer Overflow

<0:52.7.2-1.el6_9
  • C
Out-of-bounds Write

<0:52.7.0-1.el6_9
  • C
Buffer Overflow

<0:52.7.0-1.el6_9
  • C
Buffer Overflow

<0:52.7.0-1.el6_9
  • C
Improper Privilege Management

<0:24.4.0-1.el6_5
  • C
Use After Free

<0:24.4.0-1.el6_5
  • C
Use After Free

<0:52.6.0-1.el6_9
  • C
Use After Free

<0:52.6.0-1.el6_9
  • C
Information Exposure

<0:24.4.0-1.el6_5
  • C
Buffer Overflow

<0:52.6.0-1.el6_9
  • C
Use After Free

<0:52.6.0-1.el6_9
  • C
Integer Overflow or Wraparound

<0:52.6.0-1.el6_9
  • C
Out-of-bounds Read

<0:24.4.0-1.el6_5
  • C
Improper Privilege Management

<0:24.4.0-1.el6_5
  • C
Out-of-bounds Read

<0:24.4.0-1.el6_5
  • C
Buffer Overflow

<0:24.4.0-1.el6_5
  • C
Out-of-bounds Write

<0:24.4.0-1.el6_5
  • C
Use After Free

<0:52.6.0-1.el6_9
  • C
Use After Free

<0:52.6.0-1.el6_9
  • H
Improper Cross-boundary Removal of Sensitive Data

<0:52.5.1-1.el6_9
  • C
Out-of-bounds Read

<0:24.4.0-1.el6_5
  • C
Out-of-Bounds

<0:24.4.0-1.el6_5
  • C
Buffer Overflow

<0:52.5.0-1.el6_9
  • C
Use After Free

<0:52.6.0-1.el6_9
  • C
Use After Free

<0:52.6.0-1.el6_9
  • C
User Interface (UI) Misrepresentation of Critical Information

<0:52.6.0-1.el6_9
  • C
Use After Free

<0:52.6.0-1.el6_9
  • C
Information Exposure

<0:24.3.0-2.el6_5
  • C
Information Exposure

<0:52.5.0-1.el6_9
  • C
Use After Free

<0:52.5.0-1.el6_9
  • C
CVE-2014-1477

<0:24.3.0-2.el6_5
  • C
Use After Free

<0:24.3.0-2.el6_5
  • C
Out-of-bounds Write

<0:24.3.0-2.el6_5
  • C
Arbitrary Code Injection

<0:24.2.0-1.el6_5
  • C
Cross-site Scripting (XSS)

<0:24.2.0-1.el6_5
  • C
CVE-2013-5609

<0:24.2.0-1.el6_5
  • C
Use After Free

<0:24.2.0-1.el6_5
  • C
Buffer Overflow

<0:52.4.0-1.el6_9
  • C
Use After Free

<0:52.4.0-1.el6_9
  • C
Use After Free

<0:52.4.0-1.el6_9
  • C
Download of Code Without Integrity Check

<0:52.4.0-1.el6_9
  • C
Buffer Overflow

<0:52.4.0-1.el6_9
  • C
Incorrect Authorization

<0:52.3.0-3.el6_9
  • C
Out-of-bounds Read

<0:24.2.0-1.el6_5
  • C
Use After Free

<0:24.2.0-1.el6_5
  • C
Use After Free

<0:52.3.0-3.el6_9
  • C
CVE-2014-1481

<0:24.3.0-2.el6_5
  • C
CVE-2014-1479

<0:24.3.0-2.el6_5
  • C
Out-of-Bounds

<0:52.3.0-3.el6_9
  • C
Use After Free

<0:52.3.0-3.el6_9
  • C
Use After Free

<0:52.4.0-1.el6_9
  • C
Cross-site Scripting (XSS)

<0:52.4.0-1.el6_9
  • C
Use After Free

<0:52.3.0-3.el6_9
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:52.3.0-3.el6_9
  • C
Use After Free

<0:52.3.0-3.el6_9
  • C
Arbitrary Command Injection

<0:52.3.0-3.el6_9
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:52.3.0-3.el6_9
  • C
Out-of-bounds Read

<0:52.3.0-3.el6_9
  • C
Incorrect Authorization

<0:52.3.0-3.el6_9
  • C
Use After Free

<0:24.2.0-1.el6_5
  • C
Improper Restriction of Rendered UI Layers or Frames

<0:24.2.0-1.el6_5
  • C
Out-of-bounds Read

<0:52.3.0-3.el6_9
  • C
Use After Free

<0:52.3.0-3.el6_9
  • C
Out-of-bounds Read

<0:52.3.0-3.el6_9
  • C
Out-of-bounds Read

<0:52.3.0-3.el6_9
  • C
Out-of-Bounds

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
CVE-2013-5590

<0:17.0.10-1.el6_4
  • C
Out-of-Bounds

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
Out-of-Bounds

<0:17.0.10-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Cross-site Scripting (XSS)

<0:17.0.8-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.8-1.el6_4
  • C
CVE-2013-1701

<0:17.0.8-1.el6_4
  • C
Cross-site Scripting (XSS)

<0:17.0.8-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.9-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Use After Free

<0:17.0.9-1.el6_4
  • C
Improper Input Validation

<0:17.0.9-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.8-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.8-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.7-1.el6_4
  • C
Out-of-Bounds

<0:17.0.7-1.el6_4
  • C
Improper Input Validation

<0:17.0.7-1.el6_4
  • C
CVE-2013-1682

<0:17.0.7-1.el6_4
  • C
Cross-site Request Forgery (CSRF)

<0:17.0.7-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.7-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.7-1.el6_4
  • C
Resource Management Errors

<0:17.0.7-1.el6_4
  • C
Use After Free

<0:78.4.1-1.el6_10
  • C
Use After Free

<0:52.2.0-1.el6_9
  • C
Resource Management Errors

<0:17.0.7-1.el6_4
  • C
Heap-based Buffer Overflow

<0:52.2.0-1.el6_9
  • C
Heap-based Buffer Overflow

<0:52.2.0-1.el6_9
  • C
Out-of-bounds Read

<0:52.2.0-1.el6_9
  • C
Out-of-Bounds

<0:52.2.0-1.el6_9
  • C
Use After Free

<0:52.2.0-1.el6_9
  • C
Out-of-bounds Read

<0:52.2.0-1.el6_9
  • C
Use After Free

<0:52.2.0-1.el6_9
  • C
Out-of-bounds Read

<0:52.2.0-1.el6_9
  • C
Missing Initialization of a Variable

<0:52.2.0-1.el6_9
  • C
Resource Management Errors

<0:17.0.7-1.el6_4
  • C
Out-of-bounds Write

<0:52.1.0-2.el6_9
  • H
Improper Cross-boundary Removal of Sensitive Data

<0:78.5.0-1.el6_10
  • H
Improper Validation of Integrity Check Value

<0:78.5.0-1.el6_10
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:78.5.0-1.el6_10
  • H
Buffer Overflow

<0:78.5.0-1.el6_10
  • H
Improperly Implemented Security Check for Standard

<0:78.5.0-1.el6_10
  • H
Use After Free

<0:78.5.0-1.el6_10
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:78.5.0-1.el6_10
  • C
Use After Free

<0:52.2.0-1.el6_9
  • C
Out-of-bounds Read

<0:52.2.0-1.el6_9
  • C
Reachable Assertion

<0:52.2.0-1.el6_9
  • C
Out-of-Bounds

<0:52.2.0-1.el6_9
  • C
Out-of-Bounds

<0:52.1.0-2.el6_9
  • C
Improper Input Validation

<0:52.2.0-1.el6_9
  • C
Out-of-bounds Read

<0:52.2.0-1.el6_9
  • C
Use After Free

<0:52.2.0-1.el6_9
  • C
Use After Free

<0:52.2.0-1.el6_9
  • C
Access Restriction Bypass

<0:17.0.6-1.el6_4
  • C
Resource Management Errors

<0:17.0.6-1.el6_4
  • C
Use After Free

<0:52.2.0-1.el6_9
  • C
Resource Management Errors

<0:17.0.6-1.el6_4
  • C
Resource Management Errors

<0:17.0.6-1.el6_4
  • C
Missing Initialization of a Variable

<0:17.0.6-1.el6_4
  • C
CVE-2013-0801

<0:17.0.6-1.el6_4
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Out-of-Bounds

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Improper Input Validation

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:17.0.6-1.el6_4
  • C
Out-of-bounds Write

<0:52.1.0-2.el6_9
  • C
Out-of-bounds Write

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Out-of-Bounds

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Out-of-bounds Read

<0:52.1.0-2.el6_9
  • C
Out-of-Bounds

<0:52.1.0-2.el6_9
  • H
Use After Free

<0:78.5.0-1.el6_10
  • H
Cross-site Scripting (XSS)

<0:78.5.0-1.el6_10
  • H
Cross-site Scripting (XSS)

<0:78.5.0-1.el6_10
  • C
Out-of-Bounds

<0:17.0.6-1.el6_4
  • C
Out-of-Bounds

<0:17.0.6-1.el6_4
  • C
Out-of-Bounds

<0:17.0.6-1.el6_4
  • C
Out-of-bounds Read

<0:52.1.0-2.el6_9
  • C
Out-of-Bounds

<0:52.1.0-2.el6_9
  • C
Improper Validation of Array Index

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Stack-based Buffer Overflow

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:52.1.0-2.el6_9
  • C
Out-of-Bounds

<0:45.8.0-2.el6_8
  • C
Out-of-Bounds

<0:45.8.0-2.el6_8
  • C
Error Handling

<0:45.8.0-2.el6_8
  • C
Use After Free

<0:45.8.0-2.el6_8
  • C
Out-of-bounds Read

<0:52.1.0-2.el6_9
  • C
Out-of-bounds Read

<0:52.1.0-2.el6_9
  • C
Use After Free

<0:45.5.1-1.el6_8
  • C
Improper Certificate Validation

<0:45.5.0-1.el6_8
  • C
Out-of-Bounds

<0:45.5.0-1.el6_8
  • C
Improper Input Validation

<0:45.5.0-1.el6_8
  • C
Integer Overflow or Wraparound

<0:45.5.0-1.el6_8
  • C
CVE-2013-0788

<0:17.0.5-1.el6_4
  • C
Information Exposure

<0:45.8.0-2.el6_8
  • C
Improper Input Validation

<0:45.7.0-2.el6_8
  • C
CVE-2017-5390

<0:45.7.0-2.el6_8
  • C
Information Exposure

<0:45.8.0-2.el6_8
  • C
Out-of-Bounds

<0:45.8.0-2.el6_8
  • C
Out-of-Bounds

<0:45.7.0-2.el6_8
  • C
Use After Free

<0:45.7.0-2.el6_8
  • C
DEPRECATED: Use of Uninitialized Resource

<0:45.8.0-2.el6_8
  • C
Use After Free

<0:45.8.0-2.el6_8
  • C
CVE-2017-5386

<0:45.7.0-2.el6_8
  • C
Improper Input Validation

<0:45.6.0-1.el6_8
  • C
Information Exposure

<0:45.6.0-1.el6_8
  • C
Security Features

<0:45.6.0-1.el6_8
  • C
Out-of-Bounds

<0:45.5.0-1.el6_8
  • C
Out-of-Bounds

<0:45.5.0-1.el6_8
  • C
Use After Free

<0:45.7.0-2.el6_8
  • C
Use After Free

<0:45.7.0-2.el6_8
  • C
Out-of-bounds Write

<0:17.0.5-1.el6_4
  • C
CVE-2013-0796

<0:17.0.5-1.el6_4
  • C
Information Exposure

<0:45.7.0-2.el6_8
  • C
Access Restriction Bypass

<0:17.0.5-1.el6_4
  • C
Out-of-Bounds

<0:45.7.0-2.el6_8
  • C
Cross-site Scripting (XSS)

<0:17.0.5-1.el6_4
  • C
Use After Free

<0:45.6.0-1.el6_8
  • C
Out-of-Bounds

<0:45.6.0-1.el6_8
  • C
Origin Validation Error

<0:45.6.0-1.el6_8
  • C
Security Features

<0:45.6.0-1.el6_8
  • C
Out-of-Bounds

<0:45.6.0-1.el6_8
  • C
Improper Access Control

<0:45.6.0-1.el6_8
  • C
Use After Free

<0:45.6.0-1.el6_8
  • C
Out-of-Bounds

<0:45.4.0-1.el6_8
  • C
Use After Free

<0:45.4.0-1.el6_8
  • C
Integer Overflow or Wraparound

<0:45.4.0-1.el6_8
  • C
Use After Free

<0:45.4.0-1.el6_8
  • C
Improper Input Validation

<0:45.4.0-1.el6_8
  • C
CVE-2013-0783

<0:17.0.3-1.el6_3
  • C
Out-of-bounds Read

<0:17.0.3-1.el6_3
  • C
Improper Certificate Validation

<0:17.0.3-1.el6_3
  • C
Use After Free

<0:17.0.3-1.el6_3
  • C
Out-of-bounds Read

<0:17.0.3-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:45.3.0-1.el6_8
  • C
Out-of-Bounds

<0:45.4.0-1.el6_8
  • C
Out-of-Bounds

<0:45.3.0-1.el6_8
  • C
Out-of-Bounds

<0:45.3.0-1.el6_8
  • C
Out-of-Bounds

<0:45.4.0-1.el6_8
  • C
Improper Input Validation

<0:45.4.0-1.el6_8
  • C
Use After Free

<0:45.4.0-1.el6_8
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Improper Authentication

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:45.4.0-1.el6_8
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Information Exposure

<0:45.4.0-1.el6_8
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
CVE-2013-0769

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:45.4.0-1.el6_8
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.11-1.el6_3
  • C
Out-of-Bounds

<0:45.3.0-1.el6_8
  • C
Information Exposure

<0:45.3.0-1.el6_8
  • C
CVE-2016-2828

<0:45.2.0-1.el6_8
  • C
Security Features

<0:45.2.0-1.el6_8
  • C
Use After Free

<0:45.3.0-1.el6_8
  • C
Incorrect Type Conversion or Cast

<0:45.3.0-1.el6_8
  • C
Use After Free

<0:45.3.0-1.el6_8
  • C
Use After Free

<0:45.3.0-1.el6_8
  • C
Out-of-Bounds

<0:45.3.0-1.el6_8
  • C
CVE-2013-0746

<0:10.0.12-1.el6_3
  • C
Integer Overflow or Wraparound

<0:10.0.12-1.el6_3
  • C
Arbitrary Code Injection

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Information Exposure

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Out-of-bounds Write

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
CVE-2012-5842

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Arbitrary Code Injection

<0:10.0.10-1.el6_3
  • C
Out-of-Bounds

<0:45.1.0-1.el6_7
  • C
Improper Access Control

<0:45.2.0-1.el6_8
  • C
Out-of-Bounds

<0:45.2.0-1.el6_8
  • C
Out-of-Bounds

<0:45.2.0-1.el6_8
  • C
CVE-2016-2821

<0:45.2.0-1.el6_8
  • C
Use After Free

<0:45.3.0-1.el6_8
  • C
Cross-site Scripting (XSS)

<0:45.3.0-1.el6_8
  • C
Cross-site Scripting (XSS)

<0:10.0.10-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.10-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:45.1.0-1.el6_7
  • C
Improper Input Validation

<0:10.0.8-1.el6_3
  • C
Improper Privilege Management

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
CVE-2012-3982

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:45.1.0-1.el6_7
  • C
Out-of-bounds Read

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Security Features

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Information Exposure

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:45.1.0-1.el6_7
  • C
Out-of-Bounds

<0:45.1.0-1.el6_7
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Use After Free

<0:10.0.8-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Arbitrary Code Injection

<0:10.0.7-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:45.1.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Cross-site Scripting (XSS)

<0:10.0.6-1.el6_3
  • C
Improper Data Handling

<0:38.7.0-1.el6_7
  • C
Cross-site Scripting (XSS)

<0:10.0.6-1.el6_3
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
CVE-2016-1973

<0:38.7.0-1.el6_7
  • C
CVE-2016-1966

<0:38.7.0-1.el6_7
  • C
Improper Data Handling

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
CVE-2012-1967

<0:10.0.6-1.el6_3
  • C
CVE-2016-1961

<0:38.7.0-1.el6_7
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Security Features

<0:38.7.0-1.el6_7
  • C
Access Restriction Bypass

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Out-of-bounds Write

<0:38.6.1-1.el6_7
  • C
CVE-2016-1964

<0:38.7.0-1.el6_7
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
CVE-2012-1964

<0:10.0.6-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:38.7.0-1.el6_7
  • C
CVE-2016-1960

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Heap-based Buffer Overflow

<0:38.6.1-1.el6_7
  • C
Out-of-bounds Read

<0:38.6.1-1.el6_7
  • C
NULL Pointer Dereference

<0:38.6.1-1.el6_7
  • C
Out-of-Bounds

<0:38.6.0-1.el6_7
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.6-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.6-1.el6_3
  • C
Out-of-Bounds

<0:10.0.6-1.el6_3
  • C
Use After Free

<0:10.0.6-1.el6_3
  • C
CVE-2012-1948

<0:10.0.6-1.el6_3
  • C
CVE-2012-1950

<0:10.0.6-1.el6_3
  • C
CVE-2012-1955

<0:10.0.6-1.el6_3
  • C
Improper Input Validation

<0:10.0.6-1.el6_3
  • H
Open Redirect

<0:78.3.0-1.el6_10
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • C
Access Restriction Bypass

<0:10.0.6-1.el6_3
  • C
Out-of-Bounds

<0:38.7.0-1.el6_7
  • H
Use After Free

<0:78.3.0-1.el6_10
  • C
Use After Free

<0:38.5.0-2.el6_7
  • C
Integer Overflow or Wraparound

<0:38.5.0-2.el6_7
  • H
Cross-site Scripting (XSS)

<0:78.3.0-1.el6_10
  • H
Buffer Overflow

<0:78.4.0-2.el6_10
  • H
Use After Free

<0:78.4.0-2.el6_10
  • C
Out-of-Bounds

<0:38.6.0-1.el6_7
  • C
Out-of-Bounds

<0:38.5.0-2.el6_7
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
CVE-2012-1938

<0:10.0.5-1.el6_2
  • C
CVE-2012-1937

<0:10.0.5-1.el6_2
  • C
CVE-2011-3101

<0:10.0.5-1.el6_2
  • H
Buffer Overflow

<0:78.3.0-1.el6_10
  • C
Information Exposure

<0:38.5.0-2.el6_7
  • C
Integer Overflow or Wraparound

<0:38.5.0-2.el6_7
  • C
Numeric Errors

<0:38.5.0-2.el6_7
  • C
Integer Overflow or Wraparound

<0:38.5.0-2.el6_7
  • C
Information Exposure

<0:10.0.5-1.el6_2
  • C
Out-of-Bounds

<0:10.0.5-1.el6_2
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.5-1.el6_2
  • C
Out-of-Bounds

<0:10.0.5-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.4-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.4-1.el6_2
  • C
CVE-2012-0467

<0:10.0.4-1.el6_2
  • C
CVE-2012-0479

<0:10.0.4-1.el6_2
  • C
Off-by-one Error

<0:10.0.4-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.4-1.el6_2
  • C
Information Exposure

<0:10.0.3-1.el6_2
  • C
Out-of-Bounds

<0:10.0.4-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.4-1.el6_2
  • C
Numeric Errors

<0:10.0.4-1.el6_2
  • C
Out-of-Bounds

<0:10.0.4-1.el6_2
  • C
Use After Free

<0:10.0.4-1.el6_2
  • C
Out-of-Bounds

<0:10.0.4-1.el6_2
  • C
Resource Management Errors

<0:10.0.3-1.el6_2
  • C
Resource Management Errors

<0:10.0.3-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.3-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.3-1.el6_2
  • C
CVE-2012-0462

<0:10.0.3-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.3-1.el6_2
  • C
Out-of-Bounds

<0:3.6.26-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.3-1.el6_2
  • C
CVE-2012-0461

<0:10.0.3-1.el6_2
  • C
Out-of-Bounds

<0:3.6.26-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.3-1.el6_2
  • C
Code

<0:38.4.0-1.el6_7
  • C
Use After Free

<0:3.6.26-1.el6_2
  • C
Code

<0:38.4.0-1.el6_7
  • C
Cross-site Scripting (XSS)

<0:38.4.0-1.el6_7
  • C
Out-of-Bounds

<0:38.4.0-1.el6_7
  • C
Security Features

<0:38.4.0-1.el6_7
  • C
Out-of-Bounds

<0:38.4.0-1.el6_7
  • H
Use After Free

<0:68.12.0-1.el6_10
  • C
Access Restriction Bypass

<0:38.4.0-1.el6_7
  • C
Out-of-Bounds

<0:38.4.0-1.el6_7
  • C
Out-of-Bounds

<0:38.4.0-1.el6_7
  • C
CVE-2012-0442

<0:3.6.26-1.el6_2
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • C
Information Exposure

<0:3.6.26-1.el6_2
  • H
Use After Free

<0:68.11.0-1.el6_10
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • C
Buffer Overflow

<0:38.3.0-2.el6_7
  • C
Use After Free

<0:38.3.0-2.el6_7
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • C
Integer Overflow or Wraparound

<0:38.2.0-4.el6_7
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • C
Integer Overflow or Wraparound

<0:38.2.0-4.el6_7
  • C
Information Exposure

<0:38.3.0-2.el6_7
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • C
Improper Access Control

<0:38.3.0-2.el6_7
  • C
Out-of-Bounds

<0:38.4.0-1.el6_7
  • C
Buffer Overflow

<0:38.3.0-2.el6_7
  • C
Out-of-Bounds

<0:3.6.24-3.el6_1
  • H
Incorrect Use of Privileged APIs

<0:68.12.0-1.el6_10
  • H
Improper Following of a Certificate's Chain of Trust

<0:68.10.0-1.el6_10
  • H
Buffer Overflow

<0:68.11.0-1.el6_10
  • H
Information Exposure

<0:68.11.0-1.el6_10
  • C
Use After Free

<0:38.2.1-1.el6_7
  • C
Out-of-Bounds

<0:38.2.0-4.el6_7
  • H
CVE-2020-6514

<0:68.11.0-1.el6_10
  • C
Out-of-bounds Read

<0:38.2.0-4.el6_7
  • C
Out-of-Bounds

<0:38.2.0-4.el6_7
  • C
Buffer Access with Incorrect Length Value

<0:38.3.0-2.el6_7
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • C
Integer Overflow or Wraparound

<0:38.2.0-4.el6_7
  • C
Use After Free

<0:38.2.0-4.el6_7
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • C
Cross-site Scripting (XSS)

<0:3.6.24-3.el6_1
  • C
Improper Input Validation

<0:3.6.24-3.el6_1
  • C
Use After Free

<0:38.1.0-1.el6_6
  • C
Execution with Unnecessary Privileges

<0:38.3.0-2.el6_7
  • H
Information Exposure

<0:38.1.1-1.el6_7
  • C
CVE-2015-4488

<0:38.2.0-4.el6_7
  • C
Information Exposure

<0:38.2.0-4.el6_7
  • H
Information Exposure

<0:68.10.0-1.el6_10
  • C
Use After Free

<0:38.1.0-1.el6_6
  • C
Security Features

<0:38.2.1-1.el6_7
  • C
Heap-based Buffer Overflow

<0:38.2.0-4.el6_7
  • C
Arbitrary Code Injection

<0:3.6.23-2.el6_1
  • C
Access Restriction Bypass

<0:3.6.23-2.el6_1
  • C
Out-of-Bounds

<0:38.2.0-4.el6_7
  • C
Cross-site Scripting (XSS)

<0:3.6.23-2.el6_1
  • C
Out-of-Bounds

<0:38.1.0-1.el6_6
  • C
Code

<0:38.1.0-1.el6_6
  • C
CVE-2011-2995

<0:3.6.23-2.el6_1
  • C
Use After Free

<0:38.1.0-1.el6_6
  • C
Use After Free

<0:68.8.0-1.el6_10
  • C
Integer Overflow or Wraparound

<0:3.6.23-2.el6_1
  • C
Code

<0:38.1.0-1.el6_6
  • C
Out-of-Bounds

<0:38.2.0-4.el6_7
  • C
Out-of-Bounds

<0:38.2.0-4.el6_7
  • C
Out-of-Bounds

<0:38.2.0-4.el6_7
  • C
Out-of-Bounds

<0:38.1.0-1.el6_6
  • C
Cryptographic Issues

<0:38.1.0-1.el6_6
  • H
Use After Free

<0:68.9.0-1.el6_10
  • C
Out-of-Bounds

<0:38.1.0-1.el6_6
  • C
Code

<0:38.1.0-1.el6_6
  • H
Buffer Overflow

<0:68.9.0-1.el6_10
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:68.9.0-1.el6_10
  • C
Files or Directories Accessible to External Parties

<0:68.8.0-1.el6_10
  • C
CVE-2011-2982

<0:3.6.20-2.el6_1
  • C
Arbitrary Code Injection

<0:3.6.20-2.el6_1
  • C
Arbitrary Code Injection

<0:3.6.20-2.el6_1
  • H
Use After Free

<0:68.10.0-1.el6_10
  • H
Use After Free

<0:68.10.0-1.el6_10
  • C
Out-of-Bounds

<0:38.1.0-1.el6_6
  • C
Buffer Overflow

<0:68.8.0-1.el6_10
  • C
Buffer Overflow

<0:68.8.0-1.el6_10
  • C
Use After Free

<0:3.6.18-1.el6_1
  • C
CVE-2011-2376

<0:3.6.18-1.el6_1
  • C
Code

<0:38.1.0-1.el6_6
  • C
Out-of-bounds Read

<0:38.1.0-1.el6_6
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:38.1.0-1.el6_6
  • C
Code

<0:38.1.0-1.el6_6
  • C
Execution with Unnecessary Privileges

<0:38.1.0-1.el6_6
  • C
Improper Input Validation

<0:38.1.0-1.el6_6
  • C
Resource Management Errors

<0:3.6.18-1.el6_1
  • C
CVE-2011-2364

<0:3.6.18-1.el6_1
  • C
CVE-2011-2365

<0:3.6.18-1.el6_1
  • C
Resource Management Errors

<0:3.6.18-1.el6_1
  • C
Configuration

<0:3.6.20-2.el6_1
  • C
Arbitrary Code Injection

<0:3.6.20-2.el6_1
  • C
Information Exposure

<0:3.6.20-2.el6_1
  • C
CVE-2011-2374

<0:3.6.18-1.el6_1
  • C
CVE-2011-2375

<0:3.6.18-1.el6_1
  • C
Arbitrary Code Injection

<0:3.6.18-1.el6_1
  • C
Out-of-Bounds

<0:3.6.18-1.el6_1
  • C
Access Restriction Bypass

<0:3.6.18-1.el6_1
  • C
Integer Overflow or Wraparound

<0:3.6.18-1.el6_1
  • C
Resource Management Errors

<0:3.6.18-1.el6_1
  • C
CVE-2011-0081

<0:3.6.17-1.el6_0
  • C
Out-of-Bounds

<0:38.0-4.el6_6
  • C
Access Restriction Bypass

<0:31.5.3-1.el6_6
  • C
Out-of-Bounds

<0:31.5.3-1.el6_6
  • C
Information Exposure

<0:3.6.17-1.el6_0
  • C
CVE-2015-2708

<0:38.0-4.el6_6
  • C
CVE-2011-0070

<0:3.6.17-1.el6_0
  • C
CVE-2011-0080

<0:3.6.17-1.el6_0
  • C
CVE-2011-0069

<0:3.6.17-1.el6_0
  • C
CVE-2011-0075

<0:3.6.17-1.el6_0
  • C
CVE-2011-0074

<0:3.6.17-1.el6_0
  • C
Improper Input Validation

<0:3.6.17-1.el6_0
  • C
Integer Overflow or Wraparound

<0:38.0-4.el6_6
  • C
Out-of-Bounds

<0:38.0-4.el6_6
  • C
Out-of-Bounds

<0:38.0-4.el6_6
  • C
Use After Free

<0:38.0-4.el6_6
  • C
Improper Input Validation

<0:3.6.17-1.el6_0
  • C
Heap-based Buffer Overflow

<0:31.6.0-2.el6_6
  • C
Improper Input Validation

<0:3.6.14-4.el6_0
  • C
Improper Input Validation

<0:3.6.14-4.el6_0
  • C
Cross-site Request Forgery (CSRF)

<0:3.6.14-4.el6_0
  • C
Out-of-Bounds

<0:3.6.14-4.el6_0
  • C
Integer Overflow or Wraparound

<0:3.6.17-1.el6_0
  • C
Use After Free

<0:3.6.14-4.el6_0
  • C
Use After Free

<0:3.6.17-1.el6_0
  • C
CVE-2011-0078

<0:3.6.17-1.el6_0
  • C
Directory Traversal

<0:3.6.17-1.el6_0
  • C
CVE-2011-0053

<0:3.6.14-4.el6_0
  • C
Use After Free

<0:3.6.17-1.el6_0
  • C
Use After Free

<0:3.6.17-1.el6_0
  • C
Cross-site Request Forgery (CSRF)

<0:31.6.0-2.el6_6
  • C
Use After Free

<0:31.6.0-2.el6_6
  • C
Execution with Unnecessary Privileges

<0:31.6.0-2.el6_6
  • C
Improperly Implemented Security Check for Standard

<0:31.6.0-2.el6_6
  • C
CVE-2011-0062

<0:3.6.14-4.el6_0
  • C
Out-of-Bounds

<0:3.6.14-4.el6_0
  • C
Out-of-Bounds

<0:3.6.14-4.el6_0
  • C
Out-of-Bounds

<0:3.6.14-4.el6_0
  • C
Use After Free

<0:3.6.14-4.el6_0
  • C
Out-of-Bounds

<0:31.5.0-1.el6_6
  • C
CVE-2015-0836

<0:31.5.0-1.el6_6
  • C
Information Exposure

<0:31.5.0-1.el6_6
  • C
Use After Free

<0:31.5.0-1.el6_6
  • C
Buffer Overflow

<0:31.3.0-3.el6_6
  • C
Use After Free

<0:31.4.0-1.el6_6
  • C
Cross-site Request Forgery (CSRF)

<0:31.4.0-1.el6_6
  • C
Arbitrary Argument Injection

<0:31.4.0-1.el6_6
  • C
Exposed Dangerous Method or Function

<0:31.3.0-3.el6_6
  • C
Buffer Overflow

<0:31.3.0-3.el6_6
  • C
Heap-based Buffer Overflow

<0:31.4.0-1.el6_6
  • C
Improper Input Validation

<0:31.3.0-3.el6_6
  • C
Use After Free

<0:31.3.0-3.el6_6
  • C
CVE-2010-3771

<0:3.6.13-2.el6_0
  • C
Out-of-bounds Write

<0:31.2.0-3.el6_6
  • C
Out-of-Bounds

<0:3.6.13-2.el6_0
  • C
Numeric Errors

<0:3.6.13-2.el6_0
  • C
CVE-2010-3773

<0:3.6.13-2.el6_0
  • C
Integer Overflow or Wraparound

<0:3.6.13-2.el6_0
  • C
CVE-2010-3775

<0:3.6.13-2.el6_0
  • C
Use After Free

<0:3.6.13-2.el6_0
  • C
Out-of-Bounds

<0:3.6.12-1.el6_0
  • C
Access Restriction Bypass

<0:3.6.12-1.el6_0
  • C
Cross-site Scripting (XSS)

<0:3.6.12-1.el6_0
  • C
Use After Free

<0:31.2.0-3.el6_6
  • C
CVE-2014-1577

<0:31.2.0-3.el6_6
  • C
CVE-2014-1583

<0:31.2.0-3.el6_6
  • C
CVE-2014-1574

<0:31.2.0-3.el6_6
  • C
Out-of-Bounds

<0:31.2.0-3.el6_6
  • C
Out-of-Bounds

<0:24.8.0-1.el6_5
  • C
Use After Free

<0:24.8.0-1.el6_5
  • C
Out-of-Bounds

<0:3.6.13-2.el6_0
  • C
Cross-site Scripting (XSS)

<0:3.6.13-2.el6_0
  • C
Improper Input Validation

<0:3.6.13-2.el6_0
  • C
Improper Input Validation

<0:3.6.13-2.el6_0
  • C
Out-of-Bounds

<0:3.6.12-1.el6_0
  • C
Out-of-Bounds

<0:3.6.12-1.el6_0
  • C
Use After Free

<0:3.6.12-1.el6_0
  • C
CVE-2010-3182

<0:3.6.12-1.el6_0
  • C
CVE-2010-3175

<0:3.6.12-1.el6_0
  • C
CVE-2010-3176

<0:3.6.12-1.el6_0
  • C
Arbitrary Code Injection

<0:24.7.0-1.el6_5
  • H
Use After Free

*
  • H
Out-of-bounds Write

*
  • M
NULL Pointer Dereference

*
  • M
Arbitrary Argument Injection

*
  • C
Operation on a Resource after Expiration or Release

<0:24.7.0-1.el6_5
  • M
Information Exposure

*
  • L
Integer Overflow or Wraparound

*
  • L
Information Exposure

*
  • M
Null Byte Interaction Error (Poison Null Byte)

*
  • M
Improper Preservation of Permissions

*
  • C
Use After Free

<0:24.6.0-1.el6_5
  • C
Use After Free

<0:68.6.1-1.el6_10
  • H
Buffer Overflow

*
  • C
Use After Free

<0:68.6.1-1.el6_10
  • M
Improper Preservation of Permissions

*
  • H
Buffer Overflow

*
  • H
Improper Input Validation

<0:68.6.0-1.el6_10
  • M
Out-of-bounds Read

*
  • H
Out-of-Bounds

<0:68.7.0-2.el6_10
  • C
Use After Free

<0:24.7.0-1.el6_5
  • C
CVE-2014-1547

<0:24.7.0-1.el6_5
  • C
CVE-2014-1533

<0:24.6.0-1.el6_5
  • C
Use After Free

<0:24.6.0-1.el6_5
  • H
Inclusion of Functionality from Untrusted Control Sphere

*
  • H
Out-of-bounds Read

*
  • H
Buffer Overflow

*
  • H
Information Exposure

<0:68.6.0-1.el6_10
  • M
Information Exposure

*
  • H
Out-of-bounds Read

<0:68.6.0-1.el6_10
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • H
Use After Free

<0:68.6.0-1.el6_10
  • H
Buffer Overflow

<0:68.6.0-1.el6_10
  • H
Buffer Overflow

*
  • H
Out-of-bounds Write

<0:68.5.0-2.el6_10
  • H
Out-of-Bounds

<0:68.7.0-2.el6_10
  • H
Buffer Overflow

<0:68.7.0-2.el6_10
  • H
Use After Free

*
  • H
Out-of-bounds Write

*
  • H
Information Exposure

*
  • H
Buffer Overflow

*
  • H
Information Exposure

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Cross-site Scripting (XSS)

<0:68.5.0-2.el6_10
  • H
Buffer Overflow

*
  • C
Cross-site Scripting (XSS)

<0:68.4.1-1.el6_10
  • H
Use After Free

<0:68.6.0-1.el6_10
  • H
Out-of-bounds Read

<0:68.6.0-1.el6_10
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:68.4.1-1.el6_10
  • H
Buffer Overflow

<0:68.5.0-2.el6_10
  • C
Cross-site Scripting (XSS)

<0:68.4.1-1.el6_10
  • L
Information Exposure

*
  • C
Buffer Overflow

<0:68.4.1-1.el6_10
  • C
Buffer Overflow

<0:68.3.0-1.el6_10
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:68.4.1-1.el6_10
  • M
Information Exposure

*
  • C
Use After Free

<0:68.3.0-1.el6_10
  • M
Information Exposure

*
  • C
Buffer Overflow

<0:68.3.0-1.el6_10
  • C
Use After Free

<0:68.3.0-1.el6_10
  • C
Use After Free

<0:68.3.0-1.el6_10
  • H
Improper Input Validation

*
  • H
Buffer Overflow

*
  • H
Use After Free

*
  • L
Improper Neutralization of Special Elements

*
  • C
Use After Free

*
  • L
User Interface (UI) Misrepresentation of Critical Information

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • H
Information Exposure

*
  • M
Incorrect Default Permissions

*
  • L
Out-of-bounds Read

*
  • L
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Integer Overflow or Wraparound

*
  • M
Out-of-bounds Read

*
  • M
Files or Directories Accessible to External Parties

*
  • M
Resource Exhaustion

*
  • C
Heap-based Buffer Overflow

<0:68.2.0-4.el6_10
  • C
Use After Free

<0:68.2.0-4.el6_10
  • C
Buffer Overflow

<0:68.2.0-4.el6_10
  • C
Buffer Overflow

<0:68.2.0-4.el6_10
  • L
Heap-based Buffer Overflow

*
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:68.2.0-4.el6_10
  • C
Exposed Dangerous Method or Function

<0:68.2.0-4.el6_10
  • C
Cross-site Scripting (XSS)

<0:68.2.0-4.el6_10
  • C
Buffer Overflow

<0:68.2.0-4.el6_10
  • H
Use After Free

<0:60.9.0-1.el6_10
  • H
Missing Authorization

<0:60.9.0-1.el6_10
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:60.9.0-1.el6_10
  • H
Cross-site Scripting (XSS)

<0:60.9.0-1.el6_10
  • H
Use After Free

<0:60.9.0-1.el6_10
  • H
Execution with Unnecessary Privileges

<0:60.9.0-1.el6_10
  • H
Buffer Overflow

<0:60.9.0-1.el6_10
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:60.9.0-1.el6_10
  • C
Reliance on Untrusted Inputs in a Security Decision

<0:60.8.0-1.el6_10
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.7.2-1.el6_10
  • C
Privilege Context Switching Error

<0:60.7.2-1.el6_10
  • C
Use After Free

<0:60.8.0-1.el6_10
  • C
Buffer Overflow

<0:60.8.0-1.el6_10
  • C
Cross-site Scripting (XSS)

<0:60.8.0-1.el6_10
  • C
Improper Cross-boundary Removal of Sensitive Data

<0:60.8.0-1.el6_10
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.8.0-1.el6_10
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.8.0-1.el6_10
  • C
Improper Neutralization of Special Elements

<0:60.8.0-1.el6_10
  • C
Resource Exhaustion

<0:60.7.0-1.el6_10
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.7.0-1.el6_10
  • C
Unsynchronized Access to Shared Data in a Multithreaded Context

<0:60.7.0-1.el6_10
  • C
Buffer Overflow

<0:60.7.0-1.el6_10
  • C
Use After Free

<0:60.7.0-1.el6_10
  • C
Use After Free

<0:60.7.0-1.el6_10
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.7.0-1.el6_10
  • C
Buffer Overflow

<0:60.7.0-1.el6_10
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.7.0-1.el6_10
  • C
Use After Free

<0:60.7.0-1.el6_10
  • C
Out-of-bounds Read

<0:60.7.0-1.el6_10
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.7.0-1.el6_10
  • C
Information Exposure

<0:60.7.0-1.el6_10
  • H
Use After Free

<0:60.5.1-1.el6_10
  • C
Out-of-Bounds

<0:60.6.0-3.el6_10
  • C
Information Exposure

<0:60.6.0-3.el6_10
  • H
Integer Overflow or Wraparound

<0:60.5.1-1.el6_10
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.6.0-3.el6_10
  • C
Out-of-Bounds

<0:60.6.1-1.el6_10
  • C
Information Exposure

<0:60.6.0-3.el6_10
  • C
Use After Free

<0:60.6.0-3.el6_10
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.6.1-1.el6_10
  • C
Use After Free

<0:60.6.0-3.el6_10
  • C
Buffer Overflow

<0:60.6.0-3.el6_10
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.6.0-3.el6_10
  • L
Integer Overflow or Wraparound

*
  • L
Link Following

*
  • M
Integer Overflow or Wraparound

*
  • M
Improperly Implemented Security Check for Standard

*
  • M
Authentication Bypass

*
  • M
Integer Overflow or Wraparound

*
  • L
Improper Access Control

*
  • M
Files or Directories Accessible to External Parties

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Session Fixation

*
  • L
Untrusted Search Path

*
  • M
Improperly Implemented Security Check for Standard

*
  • L
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Deserialization of Untrusted Data

*
  • M
Integer Overflow or Wraparound

*
  • M
Out-of-bounds Read

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Encoding Error

*
  • L
Improper Authorization

*
  • M
Encoding Error

*
  • L
Improper Authorization

*
  • L
Improper Cross-boundary Removal of Sensitive Data

*
  • L
Improperly Implemented Security Check for Standard

*
  • M
Improper Cross-boundary Removal of Sensitive Data

*
  • L
Information Exposure

*
  • M
Improper Neutralization of Special Elements

*
  • M
Cross-site Scripting (XSS)

*
  • M
Unsynchronized Access to Shared Data in a Multithreaded Context

*
  • L
Information Exposure

*
  • M
Improper Certificate Validation

*
  • M
Cryptographic Issues

*
  • M
Integer Overflow or Wraparound

*
  • M
Stack-based Buffer Overflow

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • L
Access Restriction Bypass

*
  • M
Access Restriction Bypass

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
CVE-2014-1586

*
  • M
CVE-2014-1585

*
  • L
Out-of-bounds Read

*
  • L
Out-of-Bounds

*
  • M
Information Exposure

*
  • L
Authentication Bypass

*
  • L
Improper Input Validation

*
  • M
Improper Cross-boundary Removal of Sensitive Data

<0:60.2.1-1.el6
  • M
Improper Input Validation

*
  • L
Product UI does not Warn User of Unsafe Actions

*
  • M
Improper Access Control

*
  • L
Access Restriction Bypass

*
  • M
Improper Input Validation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Input Validation

*
  • M
Access Restriction Bypass

*
  • M
Cross-site Request Forgery (CSRF)

*
  • M
Access Restriction Bypass

*
  • L
CVE-2005-2395

*