Total
720 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-3809 | 5 Canonical, Mariadb, Opensuse and 2 more | 8 Ubuntu Linux, Mariadb, Opensuse and 5 more | 2023-12-10 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log. | |||||
CVE-2013-5611 | 7 Canonical, Fedoraproject, Mozilla and 4 more | 9 Ubuntu Linux, Fedora, Firefox and 6 more | 2023-12-10 | 5.8 MEDIUM | N/A |
Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. | |||||
CVE-2013-4002 | 9 Apache, Canonical, Hp and 6 more | 21 Xerces2 Java, Ubuntu Linux, Hp-ux and 18 more | 2023-12-10 | 7.1 HIGH | N/A |
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names. | |||||
CVE-2013-5614 | 7 Canonical, Fedoraproject, Mozilla and 4 more | 16 Ubuntu Linux, Fedora, Firefox and 13 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | |||||
CVE-2013-6672 | 7 Canonical, Fedoraproject, Linux and 4 more | 10 Ubuntu Linux, Fedora, Linux Kernel and 7 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations. | |||||
CVE-2013-5610 | 6 Canonical, Fedoraproject, Mozilla and 3 more | 9 Ubuntu Linux, Fedora, Firefox and 6 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
CVE-2013-6629 | 9 Artifex, Canonical, Debian and 6 more | 12 Gpl Ghostscript, Ubuntu Linux, Debian Linux and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | |||||
CVE-2013-1502 | 2 Mariadb, Oracle | 3 Mariadb, Mysql, Solaris | 2023-12-10 | 1.5 LOW | N/A |
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition. | |||||
CVE-2014-0420 | 5 Canonical, Debian, Mariadb and 2 more | 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more | 2023-12-10 | 2.8 LOW | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. | |||||
CVE-2013-3794 | 4 Mariadb, Opensuse, Oracle and 1 more | 7 Mariadb, Opensuse, Mysql and 4 more | 2023-12-10 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition. | |||||
CVE-2012-2199 | 2 Ibm, Oracle | 2 Websphere Mq, Solaris | 2023-12-10 | 5.0 MEDIUM | N/A |
The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid address alignment exception and daemon crash) via vectors involving a multiplexed channel. | |||||
CVE-2013-3812 | 6 Canonical, Debian, Mariadb and 3 more | 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more | 2023-12-10 | 3.5 LOW | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication. | |||||
CVE-2012-0724 | 6 Adobe, Apple, Google and 3 more | 8 Air, Flash Player, Macos and 5 more | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725. | |||||
CVE-2013-3805 | 4 Mariadb, Opensuse, Oracle and 1 more | 7 Mariadb, Opensuse, Mysql and 4 more | 2023-12-10 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements. | |||||
CVE-2013-1511 | 2 Mariadb, Oracle | 3 Mariadb, Mysql, Solaris | 2023-12-10 | 3.5 LOW | N/A |
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | |||||
CVE-2012-0725 | 6 Adobe, Apple, Google and 3 more | 8 Air, Flash Player, Macos and 5 more | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724. | |||||
CVE-2013-5619 | 6 Canonical, Fedoraproject, Mozilla and 3 more | 9 Ubuntu Linux, Fedora, Firefox and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | |||||
CVE-2012-0876 | 6 Canonical, Debian, Libexpat Project and 3 more | 11 Ubuntu Linux, Debian Linux, Libexpat and 8 more | 2023-12-10 | 4.3 MEDIUM | N/A |
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. | |||||
CVE-2011-3201 | 3 Gnome, Oracle, Redhat | 5 Evolution, Solaris, Enterprise Linux Desktop and 2 more | 2023-12-10 | 4.3 MEDIUM | N/A |
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email. | |||||
CVE-2012-0773 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2023-12-10 | 9.3 HIGH | N/A |
The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |