Total
1461 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3793 | 6 Canonical, Debian, Mariadb and 3 more | 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more | 2022-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language. | |||||
| CVE-2013-3794 | 4 Mariadb, Opensuse, Oracle and 1 more | 7 Mariadb, Opensuse, Mysql and 4 more | 2022-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition. | |||||
| CVE-2013-3802 | 6 Canonical, Debian, Mariadb and 3 more | 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more | 2022-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search. | |||||
| CVE-2015-7744 | 3 Mariadb, Opensuse, Wolfssl | 4 Mariadb, Leap, Opensuse and 1 more | 2022-08-29 | 2.6 LOW | 5.9 MEDIUM |
| wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack. | |||||
| CVE-2014-0198 | 6 Debian, Fedoraproject, Mariadb and 3 more | 9 Debian Linux, Fedora, Mariadb and 6 more | 2022-08-29 | 4.3 MEDIUM | N/A |
| The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. | |||||
| CVE-2014-4049 | 3 Debian, Opensuse, Php | 3 Debian Linux, Opensuse, Php | 2022-08-29 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function. | |||||
| CVE-2013-3809 | 5 Canonical, Mariadb, Opensuse and 2 more | 8 Ubuntu Linux, Mariadb, Opensuse and 5 more | 2022-08-26 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log. | |||||
| CVE-2013-3808 | 4 Mariadb, Opensuse, Oracle and 1 more | 6 Mariadb, Opensuse, Mysql and 3 more | 2022-08-26 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options. | |||||
| CVE-2013-3805 | 4 Mariadb, Opensuse, Oracle and 1 more | 7 Mariadb, Opensuse, Mysql and 4 more | 2022-08-26 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements. | |||||
| CVE-2013-3804 | 6 Canonical, Debian, Mariadb and 3 more | 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more | 2022-08-26 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2015-2305 | 5 Canonical, Debian, Opensuse and 2 more | 5 Ubuntu Linux, Debian Linux, Opensuse and 2 more | 2022-08-16 | 6.8 MEDIUM | N/A |
| Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. | |||||
| CVE-2015-8080 | 4 Debian, Opensuse, Redhat and 1 more | 5 Debian Linux, Leap, Opensuse and 2 more | 2022-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. | |||||
| CVE-2015-2325 | 4 Mariadb, Opensuse, Pcre and 1 more | 4 Mariadb, Opensuse, Pcre and 1 more | 2022-08-05 | 6.8 MEDIUM | 7.8 HIGH |
| The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier. | |||||
| CVE-2010-4180 | 7 Canonical, Debian, F5 and 4 more | 9 Ubuntu Linux, Debian Linux, Nginx and 6 more | 2022-08-04 | 4.3 MEDIUM | N/A |
| OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | |||||
| CVE-2014-8964 | 6 Fedoraproject, Mariadb, Opensuse and 3 more | 11 Fedora, Mariadb, Opensuse and 8 more | 2022-08-04 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. | |||||
| CVE-2013-3801 | 4 Mariadb, Opensuse, Oracle and 1 more | 6 Mariadb, Opensuse, Mysql and 3 more | 2022-08-04 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options. | |||||
| CVE-2013-1861 | 7 Canonical, Debian, Mariadb and 4 more | 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more | 2022-08-04 | 5.0 MEDIUM | N/A |
| MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error. | |||||
| CVE-2008-2371 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2022-08-01 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. | |||||
| CVE-2016-3074 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. | |||||
| CVE-2016-4346 | 2 Opensuse, Php | 3 Leap, Opensuse, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||