CVSS: 5.0EPSS: 2%CPEs: 23EXPL: 0CVE-2014-8964 – pcre: incorrect handling of zero-repeat assertion conditions
https://notcve.org/view.php?id=CVE-2014-8964
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. Desbordamiento de buffer basado en memoria dinámica en PCRE 8.36 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) o tener otro impacto no especificado a través de una expresión regular manipulada, relacionado con una aserción que permite cero repeticiones. A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application (for example, Konqueror) linked against PCRE to crash while parsing malicious regular expressions. • http://advisories.mageia.org/MGASA-2014-0534.html http://bugs.exim.org/show_bug.cgi?id=1546 http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html http://rhn.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2014-6530 – mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
https://notcve.org/view.php?id=CVE-2014-6530
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP. Vulnerabilidad sin especificar en Oracle MySQL Server 5.5.38 y anteriores, y 5.6.19 y anteriores, permite a usuarios remotos autenticados afectar a la confidencialidad, la integridad, y la disponibilidad a través de vectores relacionados con CLIENT:MYSQLDUMP. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://www.securityfocus.com/bid/70486 https://access.redhat.com/security/cve/CVE-2014-6530 https://bugzilla.redhat.com/show_bug.cgi?id=1153493 •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2014-6507 – mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
https://notcve.org/view.php?id=CVE-2014-6507
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. Vulnerabilidad sin especificar en Oracle MySQL Server 5.5.39 and anteriores, and 5.6.20 and anteriores, permite a usuarios remotos autenticados afectar la confidencialidad, la disponibilidad a través de vectores relacionados con SERVER:DML. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://secunia.com/advisories/61579 http://secunia.com/advisories/62073 http://security.gentoo.org/glsa/glsa-201411-02.xml http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://www.securityfocus.com/bid/70550 https://access.redhat.com/security&#x •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2014-6500
https://notcve.org/view.php?id=CVE-2014-6500
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491. Vulnerabilidad sin especificar en Oracle MySQL Server 5.5.39 y anteriores, y 5.6.20 y anteriores, permite a atacantes remotos afectar a la confidencialidad, la integridad y a la disponibilidad, a través de vectores relacionados con SERVER:SSL:yaSSL, una vulnerabilidad diferente a CVE-2014-6491. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://secunia.com/advisories/61579 http://secunia.com/advisories/62073 http://security.gentoo.org/glsa/glsa-201411-02.xml http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://ww •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2014-6494
https://notcve.org/view.php?id=CVE-2014-6494
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. Vulnerabilidad sin especificar en Oracle MySQL Server 5.5.39 y anteriores, y 5.6.20 y anteriores, permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con CLIENT:SSL:yaSSL, una diferente vulnerabilidad a CVE-2014-6496. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://secunia.com/advisories/61579 http://secunia.com/advisories/62073 http://security.gentoo.org/glsa/glsa-201411-02.xml http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://ww •