Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-8639 | 6.8 |
Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows
|
21-10-2024 - 13:55 | 14-01-2015 - 11:59 | |
CVE-2014-8634 | 7.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and app
|
21-10-2024 - 13:55 | 14-01-2015 - 11:59 | |
CVE-2014-8638 | 6.8 |
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-contro
|
21-10-2024 - 13:55 | 14-01-2015 - 11:59 | |
CVE-2003-0356 | 10.0 |
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) R
|
16-02-2024 - 20:39 | 09-06-2003 - 04:00 | |
CVE-2003-0357 | 7.5 |
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
|
14-02-2024 - 01:17 | 09-06-2003 - 04:00 | |
CVE-2015-0374 | 3.5 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.
|
20-09-2022 - 20:44 | 21-01-2015 - 18:59 | |
CVE-2014-6568 | 3.5 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.
|
16-09-2022 - 19:56 | 21-01-2015 - 15:28 | |
CVE-2015-0382 | 4.3 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
|
30-08-2022 - 17:36 | 21-01-2015 - 18:59 | |
CVE-2015-0381 | 4.3 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
|
30-08-2022 - 17:30 | 21-01-2015 - 18:59 | |
CVE-2015-0432 | 4.0 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
|
29-08-2022 - 20:57 | 21-01-2015 - 19:59 | |
CVE-2015-0411 | 7.5 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
|
01-07-2022 - 14:14 | 21-01-2015 - 19:59 | |
CVE-2014-8157 | 7.5 |
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overf
|
30-10-2018 - 16:27 | 26-01-2015 - 15:59 | |
CVE-2014-8158 | 6.8 |
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
|
30-10-2018 - 16:27 | 26-01-2015 - 15:59 | |
CVE-2015-1182 | 7.5 |
The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not properly initialize a pointer in the asn1_sequence linked list, which allows remote attackers to cause a denial of service (crash
|
30-10-2018 - 16:27 | 27-01-2015 - 20:59 | |
CVE-2014-8990 | 7.5 |
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
|
01-07-2017 - 01:29 | 05-12-2014 - 16:59 | |
CVE-2014-9622 | 6.8 |
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
|
01-07-2017 - 01:29 | 21-01-2015 - 18:59 | |
CVE-2014-3609 | 5.0 |
HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."
|
07-01-2017 - 03:00 | 11-09-2014 - 18:55 | |
CVE-2013-6892 | 3.5 |
WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit.
|
26-08-2016 - 19:25 | 21-01-2015 - 18:59 | |
CVE-2015-1306 | 5.0 |
The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.
|
19-11-2015 - 17:00 | 22-01-2015 - 15:59 | |
CVE-2015-1031 | 7.5 |
Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity s
|
04-03-2015 - 19:10 | 10-02-2015 - 19:59 |