CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2475
https://notcve.org/view.php?id=CVE-2014-2475
15 Oct 2014 — Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv). Vulnerabilidad sin especificar en el componente Oracle Secure Global Desktop en Oracle Virtualization 4.63, 4.71, 5.0 y 5.1 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con el servidor proxy SGD (ttaauxserv). • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 7.8EPSS: 5%CPEs: 114EXPL: 0CVE-2014-0230 – tomcat: non-persistent DoS attack by feeding data by aborting an upload
https://notcve.org/view.php?id=CVE-2014-0230
17 Sep 2014 — Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts. Apache Tomcat 6.x en versiones anteriores a 6.0.44, 7.x en versiones anteriores a 7.0.55 y 8.x en versiones anteriores a 8.0.9 no maneja adecuadamente los casos en los que se produce una respuesta HTTP... • http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2014-4232
https://notcve.org/view.php?id=CVE-2014-4232
17 Jul 2014 — Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463. Vulnerabilidad no especificada en el componente Oracle Secure Global Desktop (SGD) en Oracle Virtualization 4.63, 4.71, 5.0 y 5.1 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Works... • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2463
https://notcve.org/view.php?id=CVE-2014-2463
16 Apr 2014 — Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-4232. Vulnerabilidad no especificada en el componente Oracle Secure Global Desktop (SGD) en Oracle Virtualization 4.63, 4.71, 5.0 y 5.1 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Works... • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2014-0419
https://notcve.org/view.php?id=CVE-2014-0419
15 Jan 2014 — Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications. Vulnerabilidad no especificada en el componente Oracle Secure Global Desktop (SGD) de Oracle Virtualization SGD anteriores a 4.63 con PSU Diciembre 2013, 4.71; 5... • http://osvdb.org/102110 •
CVSS: 9.8EPSS: 0%CPEs: 33EXPL: 0CVE-2012-3515 – qemu: VT100 emulation vulnerability
https://notcve.org/view.php?id=CVE-2012-3515
23 Nov 2012 — Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." Qemu, tal como se utiliza en Xen v4.0, v4.1 y posiblemente otros productos, al emular ciertos dispositivos con una consola virtual, permite a los usuarios locales del SO invitado obtener privilegios a través de una secuencia VT100 de escape m... • http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •