CVSS: 9.3EPSS: 0%CPEs: 22EXPL: 0CVE-2013-0775 – Mozilla: Use-after-free in nsImageLoadingContent (MFSA 2013-26)
https://notcve.org/view.php?id=CVE-2013-0775
19 Feb 2013 — Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script. Vulnerabilidad de uso de memoria después de libreación en la función nsImageLoadingContent::OnStopContainer en Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thunderbird anteri... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 22EXPL: 0CVE-2013-0776 – Mozilla: Phishing on HTTPS connection through malicious proxy (MFSA 2013-27)
https://notcve.org/view.php?id=CVE-2013-0776
19 Feb 2013 — Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site. Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thunderbird anterior a v17.0.3, Thunderbird ESR 17.x anterior a v17.0.3, y SeaMonkey... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 1%CPEs: 22EXPL: 0CVE-2013-0780 – Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)
https://notcve.org/view.php?id=CVE-2013-0780
19 Feb 2013 — Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties. Vulnerabilidad de uso después de la liberación en la función nsOverflowContinuationT... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-125: Out-of-bounds Read CWE-416: Use After Free •
CVSS: 9.8EPSS: 2%CPEs: 22EXPL: 0CVE-2013-0782 – Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)
https://notcve.org/view.php?id=CVE-2013-0782
19 Feb 2013 — Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica en la función nsSaveAsCharset::DoCharsetConversion en Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thunderbird anterior a v17.... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 22EXPL: 0CVE-2013-0783 – Mozilla: Miscellaneous memory safety hazards (rv:17.0.3) (MFSA 2013-21)
https://notcve.org/view.php?id=CVE-2013-0783
19 Feb 2013 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thund... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html •
CVSS: 9.8EPSS: 6%CPEs: 24EXPL: 0CVE-2012-6075 – qemu: e1000 driver buffer overflow when processing large packets when SBP and LPE flags are disabled
https://notcve.org/view.php?id=CVE-2012-6075
13 Feb 2013 — Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet. Desbordamiento de buffer en la función e1000_receive del controlador de dispositivo e1000 (hw/e1000.c) en QEMU v1.3.0-rc2 y otras versiones, cuando las banderas de PAS y LPE están deshabilitadas, permiten ataques re... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=b0d9ffcd0251161c7c92f94804dcf599dfa3edeb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 20%CPEs: 18EXPL: 0CVE-2013-0170 – libvirt: use-after-free in virNetMessageFree()
https://notcve.org/view.php?id=CVE-2013-0170
08 Feb 2013 — Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue. Vulnerabilidad de uso después de liberación en la función virNetMessageFree en rpc/l... • http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=46532e3e8ed5f5a736a02f67d6c805492f9ca720 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2013-0375 – mysql: Unspecified vulnerability in the server replication of the Oracle MySQL server allows remote attackers to alter confidentiality and integrity
https://notcve.org/view.php?id=CVE-2013-0375
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.1.28 y anteriores, permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con los servidores de ... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0CVE-2013-0383 – mysql: unspecified unauthenticated DoS vulnerability related to Server Locking (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2013-0383
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relacionados con el bloqueo del servidor. Multiple vulnerabilities have been found in MySQL, all... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2013-0384 – mysql: unspecified DoS vulnerability related to Information Schema (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2013-0384
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con los esquemas de información. Multiple vulnerabilities... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •