CVSS: 9.8EPSS: 26%CPEs: 67EXPL: 1CVE-2015-3329 – php: buffer overflow in phar_set_inode()
https://notcve.org/view.php?id=CVE-2015-3329
20 Apr 2015 — Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. Múltiples desbordamientos de buffer basado en pila en la función phar_set_inode en phar_internal.h en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permiten a atacantes remotos ejecutar código arbitrario a travé... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 17%CPEs: 61EXPL: 1CVE-2015-3330 – php: pipelined request executed in deinitialized interpreter under httpd 2.4
https://notcve.org/view.php?id=CVE-2015-3330
20 Apr 2015 — The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter." La función php_handler en sapi/apache2handler/sapi_apache2.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8, cuando Apache HTTP S... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7 • CWE-20: Improper Input Validation CWE-665: Improper Initialization •
CVSS: 8.8EPSS: 0%CPEs: 38EXPL: 0CVE-2015-0433 – mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0433
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con InnoDB : DML. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was foun... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 4%CPEs: 38EXPL: 0CVE-2015-2568 – mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-2568
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Security : Privileges. MariaDB is a multi-user, multi-threaded SQL database server that is binary... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-2571 – mysql: unspecified vulnerability related to Server:Optimizer (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-2571
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.42 y anteriores, y 5.6.23 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Optimizer. MariaDB is a multi-user, multi-threaded SQL database server that is binary c... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-2573 – mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-2573
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con DDL. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL c... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 0%CPEs: 33EXPL: 0CVE-2015-0441 – mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0441
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Security : Encryption. MariaDB is a multi-user, multi-threaded SQL database... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-0499 – mysql: unspecified vulnerability related to Server:Federated (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0499
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.42 y anteriores, y 5.6.23 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Federated. MariaDB is a multi-user, multi-threaded SQL database server that is binary c... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-0501 – mysql: unspecified vulnerability related to Server:Compiling (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0501
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.42 y anterioresw y 5.6.23 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Compiling. MariaDB is a multi-user, multi-threaded SQL database server that is binary c... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 •
CVSS: 8.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-0505 – mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0505
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.42 y anteriores, y 5.6.23 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con DDL. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL c... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •