CVSS: 9.8EPSS: 0%CPEs: 23EXPL: 0CVE-2014-2440 – Gentoo Linux Security Advisory 201409-04
https://notcve.org/view.php?id=CVE-2014-2440
16 Apr 2014 — Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente MySQL Client en Oracle MySQL 5.5.36 y anteriores y 5.6.16 y anteriores, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. Unspecified vulnerability in the MySQL Server component in... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 9.8EPSS: 1%CPEs: 22EXPL: 0CVE-2014-0384 – mysql: unspecified DoS related to XML (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-0384
15 Apr 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.35 y anteriores y 5.6.15 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con XML. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and ... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 7.5EPSS: 89%CPEs: 76EXPL: 1CVE-2013-5704 – httpd: bypass of mod_headers rules via chunked requests
https://notcve.org/view.php?id=CVE-2013-5704
15 Apr 2014 — The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." El módulo mod_headers en el servidor de Apache HTTP 2.2.22 permite a atacantes remotos evadir directivas "RequestHeader unset" mediante la colocación de una cabera en la porción "trailer" de datos enviados con codificación de tran... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 13%CPEs: 32EXPL: 1CVE-2014-2497 – gd: NULL pointer dereference in gdImageCreateFromXpm()
https://notcve.org/view.php?id=CVE-2014-2497
21 Mar 2014 — The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. La función gdImageCreateFromXpm en gdxpm.c en libgd, utilizado en PHP 5.4.26 y anteriores, permite a atacantes remotos causar una denegación de servicio (referencia a puntero cero y caída de aplicación) a través de una tabla de color manipulada en un archivo XPM. A NULL pointer... • http://advisories.mageia.org/MGASA-2014-0288.html • CWE-476: NULL Pointer Dereference •