Page 46 of 315 results (0.007 seconds)

CVSS: 4.3EPSS: 2%CPEs: 8EXPL: 0

CVE-2010-5298 – openssl: freelist misuse causing a possible use-after-free

https://notcve.org/view.php?id=CVE-2010-5298

Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. Condición de carrera en la función ssl3_read_bytes en s3_pkt.c en OpenSSL hasta 1.0.1g, cuando SSL_MODE_RELEASE_BUFFERS está habilitado, permite a atacantes remotos inyectar datos a través de sesiones o causar una denegación de servicio (error de uso después de liberación y análisis sintáctico) a través de una conexión SSL en un entorno con múltiples hilos. • http://advisories.mageia.org/MGASA-2014-0187.html http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http:/& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.5EPSS: 95%CPEs: 63EXPL: 0

CVE-2014-0001 – mysql: command-line tool buffer overflow via long server version string

https://notcve.org/view.php?id=CVE-2014-0001

Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string. Desbordamiento de buffer en client/mysql.cc en Oracle MySQL y MariaDB anterior a 5.5.35 permite a servidores de bases de datos remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una cadena de versión del servidor larga. • http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 http://osvdb.org/102713 http://rhn.redhat.com/errata/RHSA-2014-0164.html http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/52161 http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 http://www.os • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2014-0420 – mysql: unspecified vulnerability related to Replication DoS (CPU Jan 2014)

https://notcve.org/view.php?id=CVE-2014-0420

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.534 y anteriores, y 5.6.14 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Replication. • http://osvdb.org/102077 http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/56491 http://secunia.com/advisories/56580 http://security.gentoo.org/glsa/glsa-201409-04.xml http://ubuntu.com/usn/usn-2086-1 http://www.debian.org/security/2014/dsa-2848 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www •

CVSS: 3.5EPSS: 0%CPEs: 20EXPL: 0

CVE-2014-0437 – mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)

https://notcve.org/view.php?id=CVE-2014-0437

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores y 5.6.14 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Optimizer. • http://osvdb.org/102074 http://rhn.redhat.com/errata/RHSA-2014-0164.html http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/56491 http://secunia.com/advisories/56541 http://secunia.com/advisories/56580 http://security.gentoo.org/glsa/glsa-201409-04.xml http://ubuntu.com/usn/usn-2086-1 http://www.debian.org/security/2014/dsa-2845 •

CVSS: 4.0EPSS: 0%CPEs: 20EXPL: 0

CVE-2014-0401 – mysql: unspecified DoS vulnerability (CPU Jan 2014)

https://notcve.org/view.php?id=CVE-2014-0401

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores, y 5.6.14 y anteriores que permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. • http://osvdb.org/102071 http://rhn.redhat.com/errata/RHSA-2014-0164.html http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/56491 http://secunia.com/advisories/56541 http://secunia.com/advisories/56580 http://security.gentoo.org/glsa/glsa-201409-04.xml http://ubuntu.com/usn/usn-2086-1 http://www.debian.org/security/2014/dsa-2845 •