CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2013-3801
https://notcve.org/view.php?id=CVE-2013-3801
17 Jul 2013 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options. Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.30 y anteriores y 5.6.10 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores relacionados con Server Options. • http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2013-3812 – Ubuntu Security Notice USN-1909-1
https://notcve.org/view.php?id=CVE-2013-3812
17 Jul 2013 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication. Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.31 y anteriores y 5.6.11 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores relacionados con Server Replication. Multiple security issues were discover... • http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html •
CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0CVE-2013-3794
https://notcve.org/view.php?id=CVE-2013-3794
17 Jul 2013 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition. Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.6.10 y anteriores y 5.5.30 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores relacionados con Server Partition. • http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html •
CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0CVE-2013-3805
https://notcve.org/view.php?id=CVE-2013-3805
17 Jul 2013 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements. Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.30 y anteriores y 5.6.10 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores relacionados con Prepared Statements. • http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2013-3804 – Ubuntu Security Notice USN-1909-1
https://notcve.org/view.php?id=CVE-2013-3804
17 Jul 2013 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.31 y anteriores, 5.1.69 y anteriores y 5.6.11 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores relacionados con Server Optimizer. ... • http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html •
CVSS: 7.5EPSS: 33%CPEs: 23EXPL: 1CVE-2013-1896 – httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav
https://notcve.org/view.php?id=CVE-2013-1896
10 Jul 2013 — mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI. mod_dav.c en el Apache HTTP Server anterior a 2.2.25 no determina adecuadamente si DAV está activado para URI, lo que permite a atacantes remotos provocar una dene... • http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html •
CVSS: 9.8EPSS: 76%CPEs: 32EXPL: 2CVE-2013-1362 – Nagios Remote Plugin Executor - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2013-1362
09 Jul 2013 — Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash. Vulenrabilidad de lista negra incompleta en nrpc.c en Nagios Remote Plug-In Executor (NRPE) anteriroes a v2.14 podría permitir a atacantes remotos ejecutar comandos del sistema a través de los metacaracteres "$()" , que son procesados por bash. Incomplete blacklist vulnerability in nrpc.... • https://www.exploit-db.com/exploits/24955 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 2CVE-2013-2145 – Ubuntu Security Notice USN-1896-1
https://notcve.org/view.php?id=CVE-2013-2145
27 Jun 2013 — The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/. La funcionalidad de verificación cpansign en el módulo Module::Signature anterior a 0.72 para Perl, permite a atacantes evitar la comprobación de firma y ejecutar código arbitrarioa través de un archivo SIGNATURE con "un cifrado desconocido especial"... • http://lists.opensuse.org/opensuse-updates/2013-07/msg00039.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 45%CPEs: 34EXPL: 3CVE-2013-1690 – Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2013-1690
25 Jun 2013 — Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location. Mozilla Firefox anterior a 22.0, Firefox ESR 17.x anterior a 17.0.7, Thunderbird anterior ... • https://packetstorm.news/files/id/122750 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 19%CPEs: 27EXPL: 0CVE-2013-1862 – httpd: mod_rewrite allows terminal escape sequences to be written to the log file
https://notcve.org/view.php?id=CVE-2013-1862
10 Jun 2013 — mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator. mod_rewrite.c en el modulo mod_rewrite en Apache HTTP Server v2.2.x anterior a v2.2.25 escribe datos en un archivo de log sin eliminar caracteres no imprimibles, lo que podría permitir a un atacante remotos ejecutar... • http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html •