CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-4243 – mysql: unspecified vulnerability related to ENFED (CPU July 2014)
https://notcve.org/view.php?id=CVE-2014-4243
17 Jul 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.35 y anteriores y 5.6.15 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con ENFED. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MyS... • http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 0CVE-2014-4260 – mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
https://notcve.org/view.php?id=CVE-2014-4260
17 Jul 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.37 y anteriores y 5.6.17 y anteriores, permite a usuarios remotos autenticados afectar la integridad y disponibilidad a través de vectores relacionados con SRCHAR. Multiple security issues were discovered in MySQL... • http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html •
CVSS: 9.1EPSS: 0%CPEs: 12EXPL: 0CVE-2014-4207 – mysql: unspecified vulnerability related to SROPTZR (CPU July 2014)
https://notcve.org/view.php?id=CVE-2014-4207
17 Jul 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.37 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con SROPTZR. Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fi... • http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html •
CVSS: 9.1EPSS: 0%CPEs: 26EXPL: 0CVE-2014-4258 – mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)
https://notcve.org/view.php?id=CVE-2014-4258
17 Jul 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.37 y anteriores y 5.6.17 y anteriores permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con SRINFOSC. Multiple sec... • http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html •
CVSS: 9.1EPSS: 0%CPEs: 12EXPL: 0CVE-2014-2494 – mysql: unspecified vulnerability related to ENARC (CPU July 2014)
https://notcve.org/view.php?id=CVE-2014-2494
17 Jul 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.37 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con ENARC. Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix th... • http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html •
CVSS: 10.0EPSS: 3%CPEs: 7EXPL: 0CVE-2014-2977 – Gentoo Linux Security Advisory 201701-55
https://notcve.org/view.php?id=CVE-2014-2977
11 Jun 2014 — Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow. Múltiples errores de sino de enteros en la función Dispatch_Write en proxy/dispatcher/idirectfbsurface_dispatcher.c en DirectFB 1.4.13 permiten a atacantes remotos causar una denegación de servicio (caída) y p... • http://advisories.mageia.org/MGASA-2015-0176.html • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 3%CPEs: 7EXPL: 0CVE-2014-2978 – Gentoo Linux Security Advisory 201701-55
https://notcve.org/view.php?id=CVE-2014-2978
11 Jun 2014 — The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write. La función Dispatch_Write en proxy/dispatcher/idirectfbsurface_dispatcher.c en DirectFB 1.4.4 permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de la interfaz Voodoo, lo que provoca u... • http://advisories.mageia.org/MGASA-2015-0176.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 96%CPEs: 16EXPL: 0CVE-2014-0221 – openssl: DoS when sending invalid DTLS handshake
https://notcve.org/view.php?id=CVE-2014-0221
05 Jun 2014 — The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. La función dtls1_get_message_fragment en d1_both.c en OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m y 1.0.1 anterior a 1.0.1h permite a atacantes remotos causar una denegación de servicio (recursión y caída de cliente) a través de un mensaje DT... • http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 97%CPEs: 16EXPL: 0CVE-2014-3470 – openssl: client-side denial of service when using anonymous ECDH
https://notcve.org/view.php?id=CVE-2014-3470
05 Jun 2014 — The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. La función ssl3_send_client_key_exchange en s3_clnt.c en OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m y 1.0.1 anterior a 1.0.1h, cuando un suite de cifrado ECDH anónimo está utilizado, permite a... • http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 38EXPL: 0CVE-2014-3467 – libtasn1: multiple boundary check issues
https://notcve.org/view.php?id=CVE-2014-3467
03 Jun 2014 — Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. Múltiples vulnerabilidades no especificadas en el decodificador DER en GNU Libtasn1 en versiones anteriores a 3.6, como se utiliza en GnuTLS, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo ASN.1 manipulado. Multiple buffer boundary check issues ... • http://advisories.mageia.org/MGASA-2014-0247.html • CWE-125: Out-of-bounds Read •