Lucene search

K
OracleSolaris

546 matches found

CVE
CVE
added 2014/04/16 2:55 a.m.110 views

CVE-2014-2419

Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

4CVSS3.9AI score0.01361EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.110 views

CVE-2015-0382

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.

4.3CVSS6.6AI score0.0563EPSS
CVE
CVE
added 2016/08/02 2:59 p.m.110 views

CVE-2016-6185

The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.

7.8CVSS7.7AI score0.00451EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.109 views

CVE-2013-5614

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.

4.3CVSS9.1AI score0.00245EPSS
CVE
CVE
added 2014/10/15 10:55 p.m.109 views

CVE-2014-6530

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.

6.5CVSS6.2AI score0.00648EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.109 views

CVE-2015-0381

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.

4.3CVSS6.6AI score0.0563EPSS
CVE
CVE
added 2015/10/21 11:59 p.m.109 views

CVE-2015-4864

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

3.5CVSS4.7AI score0.00347EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.109 views

CVE-2016-0609

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.

1.7CVSS5.1AI score0.00876EPSS
CVE
CVE
added 2016/12/13 3:59 p.m.109 views

CVE-2016-5689

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.

9.8CVSS8.5AI score0.01069EPSS
CVE
CVE
added 2022/04/19 9:15 p.m.109 views

CVE-2022-21463

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful at...

5.5CVSS5.3AI score0.00216EPSS
CVE
CVE
added 2022/04/19 9:15 p.m.109 views

CVE-2022-21494

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

4CVSS3.7AI score0.00092EPSS
CVE
CVE
added 2014/02/06 5:44 a.m.108 views

CVE-2014-1483

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint funct...

5CVSS9AI score0.00277EPSS
CVE
CVE
added 2014/10/15 10:55 p.m.108 views

CVE-2014-6494

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.

4.3CVSS6.4AI score0.01871EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.108 views

CVE-2015-0374

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.

3.5CVSS5.9AI score0.00163EPSS
CVE
CVE
added 2015/08/16 1:59 a.m.108 views

CVE-2015-4481

Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.

3.3CVSS8.5AI score0.00251EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.108 views

CVE-2016-0606

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.

3.5CVSS5AI score0.00202EPSS
CVE
CVE
added 2016/12/13 3:59 p.m.108 views

CVE-2016-5690

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.

9.8CVSS8.5AI score0.01541EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.107 views

CVE-2013-3812

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

3.5CVSS5AI score0.00596EPSS
CVE
CVE
added 2014/10/15 10:55 p.m.107 views

CVE-2014-6551

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

2.1CVSS6.1AI score0.00069EPSS
CVE
CVE
added 2015/04/24 2:59 p.m.107 views

CVE-2015-3145

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote cha...

7.5CVSS9.4AI score0.65095EPSS
CVE
CVE
added 2015/07/16 11:0 a.m.107 views

CVE-2015-4737

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.

3.5CVSS4.4AI score0.00243EPSS
CVE
CVE
added 2016/12/13 3:59 p.m.107 views

CVE-2016-6491

Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.

8.8CVSS7.7AI score0.01227EPSS
CVE
CVE
added 2014/02/06 5:44 a.m.106 views

CVE-2014-1488

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

10CVSS9.4AI score0.01089EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.106 views

CVE-2014-2432

Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.

2.8CVSS4.2AI score0.01404EPSS
CVE
CVE
added 2013/04/17 5:55 p.m.105 views

CVE-2013-2376

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.

4CVSS4.3AI score0.00606EPSS
CVE
CVE
added 2014/03/19 10:55 a.m.105 views

CVE-2014-1502

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.

6.8CVSS9.1AI score0.00284EPSS
CVE
CVE
added 2014/10/15 10:55 p.m.105 views

CVE-2014-6496

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.

4.3CVSS6.4AI score0.01871EPSS
CVE
CVE
added 2015/01/21 7:59 p.m.105 views

CVE-2015-0432

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.

4CVSS6.1AI score0.00482EPSS
CVE
CVE
added 2015/08/16 1:59 a.m.105 views

CVE-2015-4489

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.

7.5CVSS7.3AI score0.02614EPSS
CVE
CVE
added 2016/09/21 2:25 p.m.105 views

CVE-2016-5844

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

6.5CVSS6.5AI score0.02481EPSS
CVE
CVE
added 2015/02/25 11:59 a.m.104 views

CVE-2015-0829

Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.

6.8CVSS9.5AI score0.02647EPSS
CVE
CVE
added 2015/07/06 2:1 a.m.104 views

CVE-2015-2742

Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.

4.3CVSS6AI score0.00556EPSS
CVE
CVE
added 2015/08/16 1:59 a.m.104 views

CVE-2015-4488

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.

7.5CVSS6.6AI score0.02257EPSS
CVE
CVE
added 2016/12/13 3:59 p.m.104 views

CVE-2016-5841

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.

9.8CVSS8.7AI score0.2299EPSS
CVE
CVE
added 2014/02/06 5:44 a.m.103 views

CVE-2014-1480

The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.

4.3CVSS8.9AI score0.0052EPSS
CVE
CVE
added 2014/03/19 10:55 a.m.103 views

CVE-2014-1498

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ...

5CVSS8.8AI score0.00548EPSS
CVE
CVE
added 2014/06/11 10:57 a.m.103 views

CVE-2014-1542

Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.

6.8CVSS9.5AI score0.0293EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.103 views

CVE-2014-2430

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.

3.5CVSS3.9AI score0.00901EPSS
CVE
CVE
added 2014/12/16 6:59 p.m.103 views

CVE-2014-8964

Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.

5CVSS8.4AI score0.02089EPSS
CVE
CVE
added 2015/04/08 10:59 a.m.103 views

CVE-2015-0798

The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin ...

5CVSS9.4AI score0.01083EPSS
CVE
CVE
added 2015/08/24 2:59 p.m.103 views

CVE-2015-5963

contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth...

5CVSS6.4AI score0.05738EPSS
CVE
CVE
added 2016/12/13 3:59 p.m.103 views

CVE-2016-5688

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invali...

8.1CVSS7.3AI score0.02389EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.102 views

CVE-2013-5619

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.

7.5CVSS9.5AI score0.0173EPSS
CVE
CVE
added 2015/07/06 2:0 a.m.102 views

CVE-2015-2725

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10CVSS6AI score0.01984EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.101 views

CVE-2013-6672

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.

4.3CVSS9AI score0.00931EPSS
CVE
CVE
added 2014/09/12 2:55 p.m.101 views

CVE-2014-6270

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

6.8CVSS8.4AI score0.08712EPSS
CVE
CVE
added 2016/12/13 3:59 p.m.101 views

CVE-2016-5687

The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.

9.8CVSS8.3AI score0.00798EPSS
CVE
CVE
added 2015/02/25 11:59 a.m.100 views

CVE-2015-0828

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLH...

6.8CVSS9.5AI score0.01358EPSS
CVE
CVE
added 2015/07/06 2:1 a.m.100 views

CVE-2015-2737

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

10CVSS4.4AI score0.00945EPSS
CVE
CVE
added 2014/03/19 10:55 a.m.99 views

CVE-2014-1500

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

5CVSS9AI score0.02256EPSS
Total number of security vulnerabilities546