CVSS: 9.8EPSS: 2%CPEs: 28EXPL: 1CVE-2013-5616 – Mozilla: Use-after-free in event listeners (MFSA 2013-108)
https://notcve.org/view.php?id=CVE-2013-5616
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. Vulnerabilidad de liberación despues de uso en la función nsEventListenerManager :: HandleEventSubType en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird antes de 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio ( corrupción de memoria heap) a través de vectores relacionados con los detectores de eventos mListeners. • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html http://lists.opensuse.org/opensuse-updates/2013 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 2%CPEs: 28EXPL: 1CVE-2013-5618 – Mozilla: Use-after-free during Table Editing (MFSA 2013-109)
https://notcve.org/view.php?id=CVE-2013-5618
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection. Vulnerabilidad de uso despues de liberación en la función nsNodeUtils::LastRelease en la interfaz de usuario en el editor de componentes en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar código arbitrario mediante la activación inadecuada de la recolección de basura . • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html http://lists.opensuse.org/opensuse-updates/2013 • CWE-416: Use After Free •
CVSS: 4.9EPSS: 0%CPEs: 13EXPL: 0CVE-2013-5807 – mysql: unspecified flaw related to Replication (CPU October 2013)
https://notcve.org/view.php?id=CVE-2013-5807
Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.x hasta 5.5.32 y 5.6.x hasta 5.6.x hasta 5.6.12 permite a usuarios remotos autenticados afectar la confidencialidad e integridad a través de vectores desconocidos relacionados con Replication. • http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.debian.org/security/2013/dsa-2818 http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http://www.securityfocus.com/bid/63105 http://www.securitytracker.com/id/1029184 http://www.ubuntu.com/usn/USN-2006-1 https://access.redhat.com/secur •
CVSS: 10.0EPSS: 1%CPEs: 249EXPL: 0CVE-2013-5843 – JDK: unspecified vulnerability fixed in 7u45 (2D)
https://notcve.org/view.php?id=CVE-2013-5843
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, Java SE v6u60 y anteriores, Java SE v5.0u51 y anteriores, JavaFX v2.2.40 y anteriores, y Java SE Embedded v7u40 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con 2D. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1507.html http://rhn.redhat.com/errata/RHSA-2013-1508.html http://rhn.redhat.com/errata/RHSA-2013-1509.html http://rhn.redhat.com&#x •
CVSS: 4.0EPSS: 0%CPEs: 15EXPL: 0CVE-2013-3839 – mysql: unspecified DoS related to Optimizer (CPU October 2013)
https://notcve.org/view.php?id=CVE-2013-3839
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.70 y anteriores, 5.5.32 y anteriores y 5.6.12 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Optimizer. • http://rhn.redhat.com/errata/RHSA-2014-0173.html http://rhn.redhat.com/errata/RHSA-2014-0186.html http://rhn.redhat.com/errata/RHSA-2014-0189.html http://secunia.com/advisories/55291 http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.debian.org/security/2013/dsa-2780 http://www.debian.org/security/2013/dsa-2818 http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http:/&#x •