Total
498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6507 | 3 Mariadb, Oracle, Suse | 7 Mariadb, Mysql, Solaris and 4 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. | |||||
| CVE-2015-8931 | 4 Canonical, Debian, Libarchive and 1 more | 6 Ubuntu Linux, Debian Linux, Libarchive and 3 more | 2025-04-12 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior. | |||||
| CVE-2014-3469 | 4 Debian, Gnu, Redhat and 1 more | 14 Debian Linux, Gnutls, Libtasn1 and 11 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. | |||||
| CVE-2014-2309 | 3 Linux, Opensuse, Suse | 3 Linux Kernel, Opensuse, Linux Enterprise Server | 2025-04-12 | 6.1 MEDIUM | N/A |
| The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets. | |||||
| CVE-2015-5165 | 7 Arista, Debian, Fedoraproject and 4 more | 24 Eos, Debian Linux, Fedora and 21 more | 2025-04-12 | 9.3 HIGH | N/A |
| The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. | |||||
| CVE-2013-6501 | 2 Php, Suse | 2 Php, Linux Enterprise Server | 2025-04-12 | 4.6 MEDIUM | N/A |
| The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c. | |||||
| CVE-2014-3467 | 5 Debian, F5, Gnu and 2 more | 16 Debian Linux, Arx, Arx Firmware and 13 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. | |||||
| CVE-2014-4243 | 3 Mariadb, Oracle, Suse | 6 Mariadb, Mysql, Solaris and 3 more | 2025-04-12 | 2.8 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED. | |||||
| CVE-2016-4957 | 5 Novell, Ntp, Opensuse and 2 more | 9 Suse Manager, Ntp, Leap and 6 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547. | |||||
| CVE-2016-4956 | 6 Novell, Ntp, Opensuse and 3 more | 11 Suse Manager, Ntp, Leap and 8 more | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548. | |||||
| CVE-2015-0433 | 6 Canonical, Debian, Mariadb and 3 more | 15 Ubuntu Linux, Debian Linux, Mariadb and 12 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML. | |||||
| CVE-2015-0441 | 6 Canonical, Debian, Mariadb and 3 more | 13 Ubuntu Linux, Debian Linux, Mariadb and 10 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption. | |||||
| CVE-2014-4214 | 2 Oracle, Suse | 3 Mysql, Linux Enterprise Desktop, Linux Enterprise Server | 2025-04-12 | 3.3 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP. | |||||
| CVE-2014-6568 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML. | |||||
| CVE-2015-0505 | 6 Canonical, Debian, Mariadb and 3 more | 14 Ubuntu Linux, Debian Linux, Mariadb and 11 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. | |||||
| CVE-2015-8778 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access. | |||||
| CVE-2014-6495 | 4 Juniper, Mariadb, Oracle and 1 more | 8 Junos Space, Mariadb, Mysql and 5 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL. | |||||
| CVE-2015-7547 | 10 Canonical, Debian, F5 and 7 more | 30 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 27 more | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. | |||||
| CVE-2015-0272 | 4 Canonical, Gnome, Oracle and 1 more | 9 Ubuntu Linux, Networkmanager, Linux and 6 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215. | |||||
| CVE-2015-2697 | 6 Canonical, Debian, Mit and 3 more | 9 Ubuntu Linux, Debian Linux, Kerberos 5 and 6 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request. | |||||