Page 42 of 405 results (0.021 seconds)

CVSS: 9.8EPSS: 1%CPEs: 27EXPL: 11

CVE-2014-1477 – Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)

https://notcve.org/view.php?id=CVE-2014-1477

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://download.novell.com/Download?buildid=VYQsgaFpQ2k http://download.novell.com/Download?buildid=Y2fux-JW1Qc http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists •

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 1

CVE-2014-1481 – Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)

https://notcve.org/view.php?id=CVE-2014-1481

Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines. Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permiten a atacantes remotos evadir restricciones en objetos de ventana mediante el aprovechamiento de la inconsistencia en los métodos getter nativos entre diferentes motores JavaScript. • http://download.novell.com/Download?buildid=VYQsgaFpQ2k http://download.novell.com/Download?buildid=Y2fux-JW1Qc http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists •

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 1

CVE-2014-1479 – Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)

https://notcve.org/view.php?id=CVE-2014-1479

The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes. La implementación System Only Wrapper (SOW) en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 no previene ciertas operaciones de clonado, lo que permite a atacantes remotos evadir restricciones sobre contenido XUL a través de vectores que involucran el alcance del contenido XBL. • http://download.novell.com/Download?buildid=VYQsgaFpQ2k http://download.novell.com/Download?buildid=Y2fux-JW1Qc http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists •

CVSS: 7.5EPSS: 95%CPEs: 63EXPL: 0

CVE-2014-0001 – mysql: command-line tool buffer overflow via long server version string

https://notcve.org/view.php?id=CVE-2014-0001

Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string. Desbordamiento de buffer en client/mysql.cc en Oracle MySQL y MariaDB anterior a 5.5.35 permite a servidores de bases de datos remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una cadena de versión del servidor larga. • http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 http://osvdb.org/102713 http://rhn.redhat.com/errata/RHSA-2014-0164.html http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/52161 http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 http://www.os • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2014-0420 – mysql: unspecified vulnerability related to Replication DoS (CPU Jan 2014)

https://notcve.org/view.php?id=CVE-2014-0420

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.534 y anteriores, y 5.6.14 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Replication. • http://osvdb.org/102077 http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/56491 http://secunia.com/advisories/56580 http://security.gentoo.org/glsa/glsa-201409-04.xml http://ubuntu.com/usn/usn-2086-1 http://www.debian.org/security/2014/dsa-2848 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www •