Page 38 of 430 results (0.011 seconds)

CVSS: 4.0EPSS: 0%CPEs: 16EXPL: 0

CVE-2013-3809

https://notcve.org/view.php?id=CVE-2013-3809

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log. Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.31 y anteriores y 5.6.11 y anteriores, permite a usuarios autenticados remotamente comprometer la integridad a través de vectores relacionados con Audit Log. • http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html http://osvdb.org/95322 http://secunia.com/advisories/54300 http://www.debian.org/security/2013/dsa-2818 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwor •

CVSS: 3.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2013-3812

https://notcve.org/view.php?id=CVE-2013-3812

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication. Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.31 y anteriores y 5.6.11 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores relacionados con Server Replication. • http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html http://osvdb.org/95336 http://secunia.com/advisories/54300 http://www.debian.org/security/2013/dsa-2818 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwor •

CVSS: 5.0EPSS: 92%CPEs: 23EXPL: 1

CVE-2013-1896 – httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav

https://notcve.org/view.php?id=CVE-2013-1896

mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI. mod_dav.c en el Apache HTTP Server anterior a 2.2.25 no determina adecuadamente si DAV está activado para URI, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) a través de una petición MERGE en la que la URI está configurada para manejarse con el módulo mod_dav_svn, pero determinados atributos href en los datos XML se refieren a una URI que no es del tipo DAV. • http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html http://rhn.redhat.com/errata/RHSA-2013-1156.html http://rhn.redhat.com/errata/RHSA-2013-1207.html http://rhn.redhat.com/errata/RHSA-2013-1208.html http://rhn.redhat.com/errata/RHSA-2013-1209.html http://secunia.com/advisories/55032 http://support.apple.com/kb/HT6150 http:/ •

CVSS: 6.8EPSS: 9%CPEs: 169EXPL: 1

CVE-2013-2174 – curl: Loop counter error, leading to heap-based buffer overflow when decoding certain URLs

https://notcve.org/view.php?id=CVE-2013-2174

Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character. Desbordamiento de búfer basado en memoria dinámica en la función curl_easy_unescape en lib/escape.c en cURL y libcurl 7.7 a la 7.30.0, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente la ejecución de código arbitrario a través de una cadena manipulada que termina con el carácter "%". • http://curl.haxx.se/docs/adv_20130622.html http://lists.opensuse.org/opensuse-updates/2013-07/msg00013.html http://rhn.redhat.com/errata/RHSA-2013-0983.html http://www.debian.org/security/2013/dsa-2713 http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/60737 http://www.ubuntu.com/usn/USN-1894-1 https://github.com/bagder/curl/commit/192c4f788d48 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 1

CVE-2013-2852 – Linux Kernel 3.3.5 - 'b43' Wireless Driver Privilege Escalation

https://notcve.org/view.php?id=CVE-2013-2852

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message. Vulnerabilidad de formato de cadena en la función b43_request_firmware de drivers/net/wireless/b43/main.c en el driver del Broadcom B43 inhalambrico para el kernel Linux hasta la versión v3.9.4 permite a usuarios locales conseguir privilegios haciendo uso de acceso root e incluyendo especificaciones de formato de cadena en un parámetro fwpostfix modprobe, provocando una construcción inapropiada de un mensaje de error • https://www.exploit-db.com/exploits/38559 http://git.kernel.org/cgit/linux/kernel/git/linville/wireless.git/commit/?id=9538cbaab6e8b8046039b4b2eb6c9d614dc782bd http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://rhn.redhat.com/errata/RHSA-2013-1051.html http://rhn.redhat.com/errata/RHSA-2013-1450.html http://www.debian.org/security/2013/dsa-2766 http://www.openwall.com/lists/oss-security/2013 • CWE-134: Use of Externally-Controlled Format String •