CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2013-0385 – mysql: Unspecified vulnerability in the server replication of the Oracle MySQL server allows local attackers to alter confidentiality and integrity
https://notcve.org/view.php?id=CVE-2013-0385
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a usuarios locales afectar la confidencialidad y la integridad a través de vectores desconocidos relacionados con un servidor de replicación (Replication Server).... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0CVE-2012-1702 – mysql: unspecified unauthenticated DoS vulnerability related to Server (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-1702
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Se... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-1705 – mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-1705
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el Server Optimizer. Multiple vulnerabilities have been found i... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-0572 – mysql: unspecified DoS vulnerability related to InnoDB (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-0572
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con InnoDB. Multiple vulnerabilities have been found in MySQL, allowing attack... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-0574 – mysql: unspecified DoS vulnerability related to Server (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-0574
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause D... • http://marc.info/?l=bugtraq&m=135109152819176&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0CVE-2013-0744 – Mozilla: Use-after-free when displaying table with many columns and column groups (MFSA 2013-05)
https://notcve.org/view.php?id=CVE-2013-0744
13 Jan 2013 — Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups. Vulnerabilidad de liberación des... • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 0CVE-2013-0746 – Mozilla: Compartment mismatch with quickstubs returned values (MFSA 2013-09)
https://notcve.org/view.php?id=CVE-2013-0746
13 Jan 2013 — Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection. Mozilla F... • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html •
CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 1CVE-2013-0748 – Mozilla: Address space layout leaked in XBL objects (MFSA 2013-11)
https://notcve.org/view.php?id=CVE-2013-0748
13 Jan 2013 — The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object. La implementación de en el motor de navegación en Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0... • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 1%CPEs: 30EXPL: 0CVE-2013-0750 – Mozilla Firefox String Replacement Heap Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-0750
13 Jan 2013 — Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow. Desbordamiento de búfer en la implementación de JavaScript en el componente XMLSerializer en Mozilla Fi... • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 87%CPEs: 30EXPL: 2CVE-2013-0753 – Mozilla Firefox XMLSerializer Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-0753
13 Jan 2013 — Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content. Vulnerabilidad de uso después de la liberación en la implementación del serializeToStream en el componente XMLSerializer en Mozilla Fire... • https://packetstorm.news/files/id/123000 • CWE-416: Use After Free •