CVSS: 3.5EPSS: 0%CPEs: 23EXPL: 0CVE-2014-2430 – mysql: unspecified DoS related to Performance Schema (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2430
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.36 y anteriores y 5.6.16 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Performance Schema. • http://rhn.redhat.com/errata/RHSA-2014-0522.html http://rhn.redhat.com/errata/RHSA-2014-0536.html http://rhn.redhat.com/errata/RHSA-2014-0537.html http://rhn.redhat.com/errata/RHSA-2014-0702.html http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66858 https://access.redhat.com/security/cve/C •
CVSS: 3.5EPSS: 1%CPEs: 23EXPL: 0CVE-2014-2431 – mysql: unspecified DoS related to Options (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2431
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.36 y anteriores y 5.6.16 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con las opciones. • http://rhn.redhat.com/errata/RHSA-2014-0522.html http://rhn.redhat.com/errata/RHSA-2014-0536.html http://rhn.redhat.com/errata/RHSA-2014-0537.html http://rhn.redhat.com/errata/RHSA-2014-0702.html http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66890 https://access.redhat.com/security/cve/C •
CVSS: 6.5EPSS: 0%CPEs: 23EXPL: 0CVE-2014-2436 – mysql: unspecified vulnerability related to RBR (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2436
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.36 y anteriores y 5.6.16 y anteriores, permite a usuarios remotos autenticados afectar a confidencialidad, integridad y disponibilidad a través de vectores relacionados con RBR. • http://rhn.redhat.com/errata/RHSA-2014-0522.html http://rhn.redhat.com/errata/RHSA-2014-0536.html http://rhn.redhat.com/errata/RHSA-2014-0537.html http://rhn.redhat.com/errata/RHSA-2014-0702.html http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66896 https://access.redhat.com/security/cve/C •
CVSS: 4.3EPSS: 2%CPEs: 8EXPL: 0CVE-2010-5298 – openssl: freelist misuse causing a possible use-after-free
https://notcve.org/view.php?id=CVE-2010-5298
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. Condición de carrera en la función ssl3_read_bytes en s3_pkt.c en OpenSSL hasta 1.0.1g, cuando SSL_MODE_RELEASE_BUFFERS está habilitado, permite a atacantes remotos inyectar datos a través de sesiones o causar una denegación de servicio (error de uso después de liberación y análisis sintáctico) a través de una conexión SSL en un entorno con múltiples hilos. • http://advisories.mageia.org/MGASA-2014-0187.html http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http:/& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •