cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
Max CVSS
5.0
EPSS Score
46.73%
Published
2014-04-15
Updated
2022-04-14
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.
Max CVSS
4.0
EPSS Score
3.56%
Published
2014-04-16
Updated
2022-08-29
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
Max CVSS
4.0
EPSS Score
0.41%
Published
2014-04-16
Updated
2022-08-29
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.
Max CVSS
3.5
EPSS Score
0.41%
Published
2014-04-16
Updated
2022-09-16
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.
Max CVSS
2.6
EPSS Score
1.18%
Published
2014-04-16
Updated
2022-09-29
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.
Max CVSS
2.8
EPSS Score
0.46%
Published
2014-04-16
Updated
2022-09-21
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
Max CVSS
6.5
EPSS Score
0.34%
Published
2014-04-16
Updated
2022-07-19
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
Max CVSS
3.5
EPSS Score
0.40%
Published
2014-04-16
Updated
2022-09-16
Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Max CVSS
5.1
EPSS Score
2.02%
Published
2014-04-16
Updated
2022-08-04
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
Max CVSS
5.0
EPSS Score
1.96%
Published
2014-06-05
Updated
2020-11-16
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
Max CVSS
7.5
EPSS Score
0.73%
Published
2014-06-05
Updated
2020-11-16
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allow context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
Max CVSS
5.0
EPSS Score
0.37%
Published
2014-06-05
Updated
2020-11-16
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.
Max CVSS
5.0
EPSS Score
6.56%
Published
2014-10-10
Updated
2022-09-07
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
Max CVSS
2.1
EPSS Score
0.06%
Published
2014-11-01
Updated
2020-08-11
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
Max CVSS
5.0
EPSS Score
6.50%
Published
2014-07-20
Updated
2021-02-02
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
Max CVSS
3.5
EPSS Score
0.44%
Published
2014-12-16
Updated
2021-02-02
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.
Max CVSS
3.5
EPSS Score
0.21%
Published
2015-01-21
Updated
2022-09-16
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
Max CVSS
5.0
EPSS Score
89.07%
Published
2014-11-14
Updated
2023-02-13
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
Max CVSS
7.5
EPSS Score
7.88%
Published
2014-12-12
Updated
2023-02-13
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
Max CVSS
7.8
EPSS Score
0.10%
Published
2020-01-14
Updated
2023-02-13
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
Max CVSS
8.8
EPSS Score
0.47%
Published
2018-03-12
Updated
2023-02-13
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
Max CVSS
6.5
EPSS Score
0.33%
Published
2018-03-12
Updated
2018-04-05
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Max CVSS
7.8
EPSS Score
0.73%
Published
2020-01-31
Updated
2023-02-13
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Max CVSS
7.8
EPSS Score
0.73%
Published
2020-01-31
Updated
2023-02-13
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
Max CVSS
5.0
EPSS Score
2.90%
Published
2014-12-16
Updated
2022-08-04
411 vulnerabilities found