CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 1CVE-2014-1487 – Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)
https://notcve.org/view.php?id=CVE-2014-1487
04 Feb 2014 — The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. La implementación de Web workers en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permite a atacantes remotos evadir Same Origin Policy y obtener in... • http://download.novell.com/Download?buildid=VYQsgaFpQ2k • CWE-209: Generation of Error Message Containing Sensitive Information CWE-346: Origin Validation Error •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0401 – mysql: unspecified DoS vulnerability (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0401
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores, y 5.6.14 y anteriores que permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. Buffer overflow in client/mysql.cc in Oracle MySQL ... • http://osvdb.org/102071 •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0402 – mysql: unspecified vulnerability related to Locking DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0402
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.71 y anteriores, 5.5.33 y anteriores, y 5.6.13 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Locking. Buffer overfl... • http://osvdb.org/102068 •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0412 – mysql: unspecified vulnerability related to InnoDB DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0412
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores y 5.6.14 y anteriores permite a atacantes remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con InnoDB. Buffer overflow... • http://osvdb.org/102067 •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0437 – mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0437
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores y 5.6.14 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Optimizer. Buffer ove... • http://osvdb.org/102074 •
CVSS: 7.5EPSS: 5%CPEs: 20EXPL: 0CVE-2013-5908 – mysql: unspecified vulnerability related to Error Handling DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2013-5908
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.1.72 y anteriores, 5.5.34 y anteriores, y 5.6.14 y anteriores permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relacionados con Error Handling. Buffer overflow in ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0386 – mysql: unspecified vulnerability related to Optimizer DoS (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0386
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en el componente de servidor MySQL en Oracle MySQL 5.1.71 y anteriores, 5.5.33 y anteriores, y 5.6.13 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Optimizer. Bu... • http://osvdb.org/102069 •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2014-0393 – mysql: unspecified vulnerability related to InnoDB affecting integrity (CPU Jan 2014)
https://notcve.org/view.php?id=CVE-2014-0393
15 Jan 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL 5.1.71 y anteriores, 5.5.33 y anteriores y 5.6.13 y anteriores permite a usuarios remotos autenticados afectar la integridad a través de vectores desconodidos relacionados con InnoDB. Buffer overflow in clie... • http://osvdb.org/102075 •
CVSS: 7.5EPSS: 3%CPEs: 20EXPL: 0CVE-2013-6425 – pixman: integer underflow when handling trapezoids
https://notcve.org/view.php?id=CVE-2013-6425
19 Dec 2013 — Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Desbordamiento de entero en la macro pixman_trapezoid_valid en pixman.h de Pixman anteriores a 0.32.0, utilizado en el servidor X.Org y cairo, permite a atacantes dependientes de contexto causar una denegación de servicio (crash) a través de un valor mínimo negativo. Pixman is a pixel... • http://cgit.freedesktop.org/pixman/commit/?id=5e14da97f16e421d084a9e735be21b1025150f0c • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 4%CPEs: 28EXPL: 1CVE-2013-6671 – Mozilla: Segmentation violation when replacing ordered list elements (MFSA 2013-111)
https://notcve.org/view.php?id=CVE-2013-6671
11 Dec 2013 — The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. L función nsGfxScrollFrameInner::IsLTR en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anteriores a 24.2, Thunderbird anteriores a 24.2, y SeaMonkey anteriores a 2.23 permite a atacantes remotos ejecutar código de forma arbitraria a través ... • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •