CVSS: 5.5EPSS: 37%CPEs: 13EXPL: 0CVE-2014-2270 – file: out-of-bounds access in search rules with offsets from input file
https://notcve.org/view.php?id=CVE-2014-2270
12 Mar 2014 — softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. softmagic.c en archivo anterior a 5.17 y libmagic permite a atacantes dependientes de contexto causar una denegación de servicio (acceso a memoria fuera de rango y caída) a través de desplazamientos (“offsets”) manipulados en el softmagic de un ejecutable PE. A denial of service flaw was found in the way ... • http://bugs.gw.com/view.php?id=313 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 26%CPEs: 9EXPL: 0CVE-2014-1943 – file: unrestricted recursion in handling of indirect type rules
https://notcve.org/view.php?id=CVE-2014-1943
18 Feb 2014 — Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. Fine Free File anterior a 5.17 permite a atacantes dependientes de contexto causar una denegación de servicio (recursión infinita, consumo de CPU y caída) a través de un valor manipulado de desplazamiento indirecto en el "magic" de un archivo. A denial of service flaw was found in the way the File Information (... • http://lists.opensuse.org/opensuse-updates/2014-03/msg00034.html • CWE-755: Improper Handling of Exceptional Conditions CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.6EPSS: 8%CPEs: 16EXPL: 0CVE-2013-6393 – libyaml: heap-based buffer overflow when parsing YAML tags
https://notcve.org/view.php?id=CVE-2013-6393
01 Feb 2014 — The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow. La función yaml_parser_scan_tag_uri en scanner.c en LibYAML anterior a 0.1.5 lleva a cabo un "cast" incorrecto, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y prob... • http://advisories.mageia.org/MGASA-2014-0040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0401 – mysql: unspecified DoS vulnerability (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0401
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores, y 5.6.14 y anteriores que permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. Buffer overflow in client/mysql.cc in Oracle MySQL ... • http://osvdb.org/102071 •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0402 – mysql: unspecified vulnerability related to Locking DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0402
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.71 y anteriores, 5.5.33 y anteriores, y 5.6.13 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Locking. Buffer overfl... • http://osvdb.org/102068 •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0412 – mysql: unspecified vulnerability related to InnoDB DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0412
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores y 5.6.14 y anteriores permite a atacantes remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con InnoDB. Buffer overflow... • http://osvdb.org/102067 •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0437 – mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0437
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores y 5.6.14 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Optimizer. Buffer ove... • http://osvdb.org/102074 •
CVSS: 7.5EPSS: 5%CPEs: 20EXPL: 0CVE-2013-5908 – mysql: unspecified vulnerability related to Error Handling DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2013-5908
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores, y 5.6.14 y anteriores permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relacionados con Error Handling. Buffer overflow in ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0386 – mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0386
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en el componente de servidor MySQL en Oracle MySQL 5.1.71 y anteriores, 5.5.33 y anteriores, y 5.6.13 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Optimizer. Bu... • http://osvdb.org/102069 •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0393 – mysql: unspecified vulnerability related to InnoDB affecting integrity (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0393
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.71 y anteriores, 5.5.33 y anteriores y 5.6.13 y anteriores permite a usuarios remotos autenticados afectar la integridad a través de vectores desconodidos relacionados con InnoDB. Buffer overflow in clie... • http://osvdb.org/102075 •