Page 33 of 348 results (0.014 seconds)

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 1

CVE-2014-1479 – Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)

https://notcve.org/view.php?id=CVE-2014-1479

The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes. La implementación System Only Wrapper (SOW) en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 no previene ciertas operaciones de clonado, lo que permite a atacantes remotos evadir restricciones sobre contenido XUL a través de vectores que involucran el alcance del contenido XBL. • http://download.novell.com/Download?buildid=VYQsgaFpQ2k http://download.novell.com/Download?buildid=Y2fux-JW1Qc http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists •

CVSS: 7.5EPSS: 95%CPEs: 63EXPL: 0

CVE-2014-0001 – mysql: command-line tool buffer overflow via long server version string

https://notcve.org/view.php?id=CVE-2014-0001

Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string. Desbordamiento de buffer en client/mysql.cc en Oracle MySQL y MariaDB anterior a 5.5.35 permite a servidores de bases de datos remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una cadena de versión del servidor larga. • http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 http://osvdb.org/102713 http://rhn.redhat.com/errata/RHSA-2014-0164.html http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/52161 http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 http://www.os • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2014-0420 – mysql: unspecified vulnerability related to Replication DoS (CPU Jan 2014)

https://notcve.org/view.php?id=CVE-2014-0420

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.534 y anteriores, y 5.6.14 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Replication. • http://osvdb.org/102077 http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/56491 http://secunia.com/advisories/56580 http://security.gentoo.org/glsa/glsa-201409-04.xml http://ubuntu.com/usn/usn-2086-1 http://www.debian.org/security/2014/dsa-2848 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www •

CVSS: 3.5EPSS: 0%CPEs: 20EXPL: 0

CVE-2014-0437 – mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)

https://notcve.org/view.php?id=CVE-2014-0437

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores y 5.6.14 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Optimizer. • http://osvdb.org/102074 http://rhn.redhat.com/errata/RHSA-2014-0164.html http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/56491 http://secunia.com/advisories/56541 http://secunia.com/advisories/56580 http://security.gentoo.org/glsa/glsa-201409-04.xml http://ubuntu.com/usn/usn-2086-1 http://www.debian.org/security/2014/dsa-2845 •

CVSS: 4.0EPSS: 0%CPEs: 20EXPL: 0

CVE-2014-0401 – mysql: unspecified DoS vulnerability (CPU Jan 2014)

https://notcve.org/view.php?id=CVE-2014-0401

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores, y 5.6.14 y anteriores que permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. • http://osvdb.org/102071 http://rhn.redhat.com/errata/RHSA-2014-0164.html http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/56491 http://secunia.com/advisories/56541 http://secunia.com/advisories/56580 http://security.gentoo.org/glsa/glsa-201409-04.xml http://ubuntu.com/usn/usn-2086-1 http://www.debian.org/security/2014/dsa-2845 •