Page 100 of 1450 results (0.011 seconds)

CVSS: 4.0EPSS: 0%CPEs: 33EXPL: 0

CVE-2015-2648 – mysql: unspecified vulnerability related to Server:DML (CPU July 2015)

https://notcve.org/view.php?id=CVE-2015-2648

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.43 y anteriores y 5.6.24 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con DML. • http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html http://rhn.redhat.com/errata/RHSA-2015-1628.html http://rhn.redhat.com/errata/RHSA-2015-1629.html http://rhn.redhat.com/errata/RHSA-2015-1630.html http://rhn.redhat.com/errata/RHSA-2015-1646.html http://rhn.redhat.com/errata/RHSA-2015-1647.html http://rhn.redhat.com/errata/RHSA-2015-1665.html http://www.debian.org/security/2015/dsa-3308 http://www.debian.org/security/2015/dsa-3311 http:// •

CVSS: 5.0EPSS: 2%CPEs: 17EXPL: 0

CVE-2015-1819 – libxml2: denial of service processing a crafted XML document

https://notcve.org/view.php?id=CVE-2015-1819

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Vulnerabilidad en el xmlreader en libxml, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de datos XML manipulados, relacionada con un ataque XML Entity Expansión (XEE). A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html http://lists.opensuse.org/opensuse-updates/2015- • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 0%CPEs: 56EXPL: 0

CVE-2015-3281 – haproxy: information leak in buffer_slow_realign()

https://notcve.org/view.php?id=CVE-2015-3281

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request. La función buffer_slow_realign en HAProxy 1.5.x anterior a 1.5.14 y 1.6-dev no realinea correctamente un buffer que es utilizado para datos salientes pendientes, lo que permite a atacantes remotos obtener información sensible (contenidos de memoria no inicializada de solicitudes previas) a través de una solicitud manipulada. An implementation error related to the memory management of request and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session. • http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html http://rhn.redhat.com/errata/RHSA-2015-1741.html http://rhn.redhat.com/errata/RHSA-2015-2666.html http://www.debian.org/security/2015/dsa-3301 http://www.haproxy.org/news.html http://www.securityfocus.com/bid/75554 http://www.ubuntu.com& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 2%CPEs: 4EXPL: 0

CVE-2015-0848 – libwmf: heap overflow when decoding BMP images

https://notcve.org/view.php?id=CVE-2015-0848

Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image. Desbordamiento de buffer basado en memoria dinámica en libwmf 0.2.8.4 permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una imagen BMP manipulada. It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) containing BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application. • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168507.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165547.html http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1917.html http://www • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 6.8EPSS: 3%CPEs: 4EXPL: 1

CVE-2015-4588 – libwmf: heap overflow within the RLE decoding of embedded BMP images

https://notcve.org/view.php?id=CVE-2015-4588

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file. Desbordamiento de buffer basado en memoria dinámica en la función DecodeImage en libwmf 0.2.8.4 permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una 'cuenta del longitud de realización' manipulada en una imagen en un fichero WMF. It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application. • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1917.html http://www.debian.org/security/2015/dsa-3302 http://www.openwall.com/lists/oss-security/2015/06/03/6 http://www.openwall.com/lists/oss-security/2015/06/16& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •