CVSS: 4.3EPSS: 2%CPEs: 24EXPL: 1CVE-2014-9670 – freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-9670
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row. Múltiples erroes de signo de enteros en la función pcf_get_encodings en pcf/pcfread.c en FreeType anterior a 2.5.4 permiten a atacantes remotos causar una denegación de servicio (desbordamiento de enteros, referencia a puntero nulo y caída de aplicación) a través de un fichero PCF manipulado que especifica valores negativos para la primera columna y la primera fila. • http://advisories.mageia.org/MGASA-2015-0083.html http://code.google.com/p/google-security-research/issues/detail?id=158 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6 http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html http://rhn.redhat.com/errata/RHSA-2015-0696.html • CWE-189: Numeric Errors CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 4%CPEs: 22EXPL: 1CVE-2014-9661 – freetype: out of bounds read in Type42 font parser
https://notcve.org/view.php?id=CVE-2014-9661
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font. type42/t42parse.c en FreeType anterior a 2.5.4 no considera que escaneo puede resultar incompleto sin provoca un error, lo que permite a atacantes remotos causar una denegación de servicio (uso después de liberación) o posiblemente tener otro impacto no especificado a través de una fuente Type42 manipulada. A use-after-free condition has been encountered in FreeType while fuzzing Type42 fonts. Version 2.5.3 is affected. • http://advisories.mageia.org/MGASA-2015-0083.html http://code.google.com/p/google-security-research/issues/detail?id=187 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669 http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html http://lists.opensuse& • CWE-125: Out-of-bounds Read •
CVSS: 3.5EPSS: 0%CPEs: 23EXPL: 0CVE-2015-0236 – libvirt: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save images and snapshots objects
https://notcve.org/view.php?id=CVE-2015-0236
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface. libvirt anterior a 1.2.12 permite a usuarios remotos autenticados obtener la contraseña VNC mediante el uso del indicador VIR_DOMAIN_XML_SECURE con (1) una instantánea manipulada a la interfaz virDomainSnapshotGetXMLDesc o (2) una imagen manipulada a la interfaz virDomainSaveImageGetXMLDesc. It was discovered that the virDomainSnapshotGetXMLDesc() and virDomainSaveImageGetXMLDesc() functions did not sufficiently limit the usage of the VIR_DOMAIN_XML_SECURE flag when fine-grained ACLs were enabled. A remote attacker able to establish a connection to libvirtd could use this flaw to obtain certain sensitive information from the domain XML file. • http://advisories.mageia.org/MGASA-2015-0046.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00028.html http://rhn.redhat.com/errata/RHSA-2015-0323.html http://secunia.com/advisories/62766 http://security.libvirt.org/2015/0001.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:035 http://www.mandriva.com/security/advisories?name=MDVSA-2015:070 http://www.ubuntu.com/usn/USN-2867-1 https://access.redhat.com/security/cve/CVE-2015-0236 https://bugz • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.0EPSS: 0%CPEs: 20EXPL: 0CVE-2015-0432 – mysql: unspecified vulnerability related to Server:InnoDB:DDL:Foreign Key (CPU Jan 2015)
https://notcve.org/view.php?id=CVE-2015-0432
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.40 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con Server : InnoDB : DDL : Foreign Key. • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-0116.html http://rhn.redhat.com/errata/RHSA-2015-0117.html http://rhn.redhat.com/errata/RHSA-2015-0118.html http://rhn.redhat.com/errata/RHSA-2015-1628.html http://secunia.com/advisories/62728 http://secunia.com/advisories/62730 http://secunia.com/advisories/62732 http://www.debia •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2014-7300 – gnome-shell: lockscreen bypass with printscreen key
https://notcve.org/view.php?id=CVE-2014-7300
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer. GNOME Shell 3.14.x anterior a 3.14.1, cuando se utiliza la característica Screen Lock, no se limita el consumo de memoria para todas las peticiones activas PrtSc , lo que permite a atacantes cercanos físicamente ejecutar comandos arbitrarios en una estación de trabajo desatendida haciendo numerosas peticiones PrtSc y aprovechando un bloqueo temporal, y la disponibilidad de una shell resultante temporal, causada por Linux kernel OOM killer. It was found that the Gnome shell did not disable the Print Screen key when the screen was locked. This could allow an attacker with physical access to a system with a locked screen to crash the screen-locking application by creating a large amount of screenshots. • http://openwall.com/lists/oss-security/2014/09/29/17 http://rhn.redhat.com/errata/RHSA-2015-0535.html https://bugzilla.gnome.org/show_bug.cgi?id=737456 https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013 https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378 https://access.redhat.com/security/cve/CVE-2014-7300 https://bugzilla.redhat.com/show_bug.cgi?id=1147917 • CWE-305: Authentication Bypass by Primary Weakness CWE-399: Resource Management Errors •