CVSS: 10.0EPSS: 2%CPEs: 24EXPL: 0CVE-2012-3956 – Mozilla: Multiple Use-after-free issues (MFSA 2012-58)
https://notcve.org/view.php?id=CVE-2012-3956
29 Aug 2012 — Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Vulnerabilidad usar-después-liberar(use-after-free) en la función MediaStreamGraphThreadRunnable::Ru en Mozilla Firefox anterior a v15.0, Firefox ESR v... • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 2%CPEs: 24EXPL: 0CVE-2012-3960 – Mozilla: Multiple Use-after-free issues (MFSA 2012-58)
https://notcve.org/view.php?id=CVE-2012-3960
29 Aug 2012 — Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Vulnerabilidad usar-después-liberar(use-after-free) en la función mozSpellChecker::SetCurrentDictionary en Mozilla Firefox anterior a v15.0, Firefox ... • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 2%CPEs: 24EXPL: 0CVE-2012-3963 – Mozilla: Multiple Use-after-free issues (MFSA 2012-58)
https://notcve.org/view.php?id=CVE-2012-3963
29 Aug 2012 — Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad usar-después-liberar(use-after-free) en la función js::gc::MapAllocToTraceKind en Mozilla Firefox anterior a v15.0, Firefox ESR v10.x anterior a v10.0.7, Thunderbird anterior a v15.0, Thunderbird ES... • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 24EXPL: 0CVE-2012-3968 – Mozilla: WebGL use-after-free and memory corruption (MFSA 2012-62)
https://notcve.org/view.php?id=CVE-2012-3968
29 Aug 2012 — Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor. Vulnerabilidad de liberación después de uso en la implementación WebGL en Mozilla Firefox anterior a v15.0, Firefox ESR v10.x anterior a v10.0.7, Thunderbird anterior a v15.0, Thunderb... • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 94%CPEs: 85EXPL: 5CVE-2012-4681 – Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-4681
28 Aug 2012 — Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to a... • https://www.exploit-db.com/exploits/20865 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 1%CPEs: 22EXPL: 0CVE-2012-3489 – postgresql: File disclosure through XXE in xmlparse by DTD validation
https://notcve.org/view.php?id=CVE-2012-3489
20 Aug 2012 — The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue. La función xml_parse en el soporte libxml2 en el componente de servidor cen... • http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2012-0540 – mysql: unspecified vulnerability related to GIS extension DoS (CPU Jul 2012)
https://notcve.org/view.php?id=CVE-2012-0540
17 Jul 2012 — Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension. Vulnerabilidad no especificada en Oracle MySQL Server v5.1.62 y anteriores y v5.5.23 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad, en relación a la extensión SIG. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. ... • http://osvdb.org/83976 •
CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 0CVE-2012-1689 – mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Jul 2012)
https://notcve.org/view.php?id=CVE-2012-1689
17 Jul 2012 — Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en Oracle MySQL Server v5.1.62 y anteriores, y v5.5.22 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el Optimizador de servidor. MySQL is a multi-user, multi-threaded SQL database server. It cons... • http://osvdb.org/83980 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2012-1734 – mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Jul 2012)
https://notcve.org/view.php?id=CVE-2012-1734
17 Jul 2012 — Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en Oracle MySQL Server v5.1.62 y v5.5.23 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el Optimizador de servidor. MySQL is a multi-user, multi-threaded SQL database server. It consists of the My... • http://osvdb.org/83979 •
CVSS: 9.8EPSS: 0%CPEs: 174EXPL: 0CVE-2012-1717 – OpenJDK: insecure temporary file permissions (JRE, 7143606)
https://notcve.org/view.php?id=CVE-2012-1717
13 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualización 35 y anteriores, y v1.4.2_37 y anteriores permite ... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html • CWE-732: Incorrect Permission Assignment for Critical Resource •