CVSS: 10.0EPSS: 4%CPEs: 28EXPL: 0CVE-2015-2740 – Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)
https://notcve.org/view.php?id=CVE-2015-2740
03 Jul 2015 — Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors. Desbordamiento de buffer en la función nsXMLHttpRequest::AppendToResponseText en Mozilla Firefox anterior a 39.0, Firefox ESR 31.x anterior a 31.8 y 38.x anterior a 38.1, y Thunderbird anterior a 38.1 podría permitir a... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2015-2743 – Mozilla: Privilege escalation through internal workers (MFSA 2015-69)
https://notcve.org/view.php?id=CVE-2015-2743
03 Jul 2015 — PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass. PDF.js en Mozilla Firefox anterior a 39.0 y Firefox ESR 31.x anterior a 31.8 y 38.x anterior a 38.1 habilita privilegios excesivos para los trabajadores internos, lo que podría permitir a atacantes remotos ejecutar código arbitrario mediante el aprovechamiento de u... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html • CWE-17: DEPRECATED: Code CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2709 – Gentoo Linux Security Advisory 201605-06
https://notcve.org/view.php?id=CVE-2015-2709
14 May 2015 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación de Mozilla Firefox anterior a 38.0 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vect... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html •
CVSS: 7.5EPSS: 1%CPEs: 20EXPL: 0CVE-2015-2708 – Mozilla: Miscellaneous memory safety hazards (rv:31.7) (MFSA 2015-46)
https://notcve.org/view.php?id=CVE-2015-2708
13 May 2015 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 38.0, Firefox ESR 31.x anterior a 31.7, y Thunderbird anterior a 31.7 permiten a atacantes remotos causar una den... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html •
CVSS: 8.8EPSS: 2%CPEs: 20EXPL: 0CVE-2015-2710 – Mozilla: Buffer overflow with SVG content and CSS (MFSA 2015-48)
https://notcve.org/view.php?id=CVE-2015-2710
13 May 2015 — Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence. Desbordamiento de buffer basado en memoria dinámica en la clase SVGTextFrame en Mozilla Firefox anterior a 38.0, Firefox ESR 31.x anterior a 31.7, y Thunderbird anterior a 31.7 permite a atacantes remotos ejecutar ... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 20EXPL: 0CVE-2015-2713 – Mozilla: Use-after-free during text processing with vertical text enabled (MFSA 2015-51)
https://notcve.org/view.php?id=CVE-2015-2713
13 May 2015 — Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text. Vulnerabilidad de uso después de liberación en la función SetBreaks en Mozilla Firefox anterior a 38.0, Firefo... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 6%CPEs: 21EXPL: 0CVE-2015-2716 – expat: Integer overflow leading to buffer overflow in XML_GetBuffer()
https://notcve.org/view.php?id=CVE-2015-2716
13 May 2015 — Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283. Desbordamiento de buffer en el analizador XML en Mozilla Firefox en versiones anteriores a 38.0, Firefox ESR 31.x en versiones anteriores a 31.7 y Thunderbird en versiones anteriores a 31.7 permite a atacantes remotos ejecutar código arbitrario proporc... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 4%CPEs: 5EXPL: 0CVE-2015-0405 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0405
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con XA. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 5.6.24 are aff... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 2%CPEs: 9EXPL: 0CVE-2015-0423 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0423
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Optimizer. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than ... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 4%CPEs: 5EXPL: 0CVE-2015-0438 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0438
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Partition. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. V... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •