CVSS: 9.8EPSS: 1%CPEs: 23EXPL: 0CVE-2014-2431 – mysql: unspecified DoS related to Options (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2431
16 Apr 2014 — Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.36 y anteriores y 5.6.16 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con las opciones. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and ... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 9.8EPSS: 1%CPEs: 23EXPL: 0CVE-2014-2432 – mysql: unspecified DoS related to Federated (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2432
16 Apr 2014 — Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. Vulnerabilidad no especificada en el componente de Oracle MySQL Server 5.5.35 y anteriores y 5.6.15 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Federated. Unspecified vulnerability in the MySQL Server component in Oracle MyS... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 9.8EPSS: 0%CPEs: 23EXPL: 0CVE-2014-2436 – mysql: unspecified vulnerability related to RBR (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2436
16 Apr 2014 — Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.36 y anteriores y 5.6.16 y anteriores, permite a usuarios remotos autenticados afectar a confidencialidad, integridad y disponibilidad a través de vectores relacionados con RBR. Unspecified vulnerability in the MySQL Server component in Oracle My... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 9.8EPSS: 1%CPEs: 21EXPL: 0CVE-2014-2438 – mysql: unspecified DoS related to Replication (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2438
16 Apr 2014 — Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.35 y anteriores y 5.6.15 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Replication. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier an... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 9.8EPSS: 0%CPEs: 23EXPL: 0CVE-2014-2440 – Gentoo Linux Security Advisory 201409-04
https://notcve.org/view.php?id=CVE-2014-2440
16 Apr 2014 — Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente MySQL Client en Oracle MySQL 5.5.36 y anteriores y 5.6.16 y anteriores, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. Unspecified vulnerability in the MySQL Server component in... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 9.8EPSS: 1%CPEs: 22EXPL: 0CVE-2014-0384 – mysql: unspecified DoS related to XML (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-0384
15 Apr 2014 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.35 y anteriores y 5.6.15 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con XML. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and ... • http://rhn.redhat.com/errata/RHSA-2014-0522.html •
CVSS: 7.5EPSS: 83%CPEs: 76EXPL: 1CVE-2013-5704 – httpd: bypass of mod_headers rules via chunked requests
https://notcve.org/view.php?id=CVE-2013-5704
15 Apr 2014 — The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." El módulo mod_headers en el servidor de Apache HTTP 2.2.22 permite a atacantes remotos evadir directivas "RequestHeader unset" mediante la colocación de una cabera en la porción "trailer" de datos enviados con codificación de tran... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 4%CPEs: 32EXPL: 1CVE-2014-2497 – gd: NULL pointer dereference in gdImageCreateFromXpm()
https://notcve.org/view.php?id=CVE-2014-2497
21 Mar 2014 — The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. La función gdImageCreateFromXpm en gdxpm.c en libgd, utilizado en PHP 5.4.26 y anteriores, permite a atacantes remotos causar una denegación de servicio (referencia a puntero cero y caída de aplicación) a través de una tabla de color manipulada en un archivo XPM. A NULL pointer... • http://advisories.mageia.org/MGASA-2014-0288.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 2%CPEs: 64EXPL: 0CVE-2008-2808 – Firefox file location escaping flaw
https://notcve.org/view.php?id=CVE-2008-2808
07 Jul 2008 — Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename. Mozilla Firefox anterior a 2.0.0.15 y SeaMonkey anterior a 1.1.10 no escapan correctamente el HTML en listados de directorios file:// URLs, lo que permite a atacantes remotos llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) o te... • http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 66EXPL: 0CVE-2008-2674
https://notcve.org/view.php?id=CVE-2008-2674
12 Jun 2008 — Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors. Vulnerabilidad no especificada en la Interstage Management Console, tal como se utiliza en Fujitsu Interstage Application Server 6.0 a 9.0.0A, Apworks Modelers-J 6.0 a 7.0, y Studio 8.0.1 y 9.0.0, permite a atacantes remotos leer o ... • http://secunia.com/advisories/30589 •