CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 1CVE-2014-9462
https://notcve.org/view.php?id=CVE-2014-9462
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command. La función _validaterepo en sshpeer en Mercurial anterior a 3.2.4 permite a atacantes remotos ejecutar comandos arbitrarios a través de un nombre de repositorio manipulado en un comando clon. • http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00085.html http://mercurial.selenic.com/wiki/WhatsNew http://www.debian.org/security/2015/dsa-3257 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.osvdb.org/119816 https://security.gentoo.org/glsa/201612-19 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2014-8127 – libtiff: out-of-bounds read with malformed TIFF image in multiple tools
https://notcve.org/view.php?id=CVE-2014-8127
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool. LibTIFF 4.0.3 permite a atacantes remotos producir una denegación de servicio (lectura y bloqueo fuera de límites) a través de una imagen TIFF en la función (1) checkInkNamesString en tif_dir.c en la herramienta thumbnail, la función (2) compressioncontig en Tiff2bw.c en la herramienta tiff2bw, la función (3) putcontig8bitCIELab en tif_getimage.c en la herramienta tiff2rgba, las funciones LZWPreDecode en tif_lzw.c (4) tiff2ps o (5) la herramienta tiffdither , en la función (6) NeXTDecode en tif_next.c en la herramienta tiffmedian, o en la función (7) TIFFWriteDirectoryTagLongLong8Array en tif_dirwrite.c en la herramienta tiffset. • http://bugzilla.maptools.org/show_bug.cgi?id=2484 http://bugzilla.maptools.org/show_bug.cgi?id=2485 http://bugzilla.maptools.org/show_bug.cgi?id=2486 http://bugzilla.maptools.org/show_bug.cgi?id=2496 http://bugzilla.maptools.org/show_bug.cgi? • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-9114
https://notcve.org/view.php?id=CVE-2014-9114
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. Blkid en util-linux en versiones anteriores a 2.26rc-1 permite a usuarios locales ejecutar código arbitrario. • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145188.html http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146229.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00035.html http://www.openwall.com/lists/oss-security/2014/11/26/21 http://www.securityfocus.com/bid/71327 https://bugzilla.redhat.com/show_bug.cgi?id=1168485 https://exchange.xforce.ibmcloud.com/vulnerabilities/98993 https://github.com/karelzak/util-linux/commit/89e90ae7b2826110ea28 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 10%CPEs: 66EXPL: 1CVE-2015-2787 – php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re
https://notcve.org/view.php?id=CVE-2015-2787
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231. Vulnerabilidad de uso después de liberación en la función process_nested_data en ext/standard/var_unserializer.re en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 permite a atacantes remotos ejecutar código arbitrario a través de una llamada no serializada manipulada que aprovecha el uso de la función unset dentro de una función __wakeup, un problema relacionado con CVE-2015-0231. A flaws was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html http://marc.info/?l=bugtraq&m=143748090628601&w=2 http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1053.html http:// • CWE-416: Use After Free •
CVSS: 5.0EPSS: 3%CPEs: 12EXPL: 1CVE-2014-9709 – gd: buffer read overflow in gd_gif_in.c
https://notcve.org/view.php?id=CVE-2014-9709
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. La función GetCode_ en gd_gif_in.c en GD 2.1.1 y anteriores, utilizado en PHP anterior a 5.5.21 y 5.6.x anterior a 5.6.5, permite a atacantes remotos causar una denegación de servicio (sobre lectura de buffer y caída de aplicación) a través de una imagen GIF manipulada que es manejada incorrectamente por la función gdImageCreateFromGif. A buffer over-read flaw was found in the GD library. A specially crafted GIF file could cause an application using the gdImageCreateFromGif() function to crash. • http://advisories.mageia.org/MGASA-2015-0040.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html http://marc.info/?l=bugtraq&m=143403519711434&w=2 http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1053.html http://rhn.redhat.com/errata/RHSA-2015-1066.html http://rhn.redhat.com/errata/RHS • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •