Search Results (Refine Search)
- CPE Product Version: cpe:/o:redhat:enterprise_linux_server_tus:7.6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-3581 |
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. Published: October 10, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-3469 |
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. Published: June 05, 2014; 4:55:06 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-3468 |
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. Published: June 05, 2014; 4:55:06 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2014-3467 |
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. Published: June 05, 2014; 4:55:06 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-2440 |
Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Published: April 15, 2014; 10:55:16 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2014-2438 |
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. Published: April 15, 2014; 10:55:16 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2014-2436 |
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. Published: April 15, 2014; 10:55:16 PM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
CVE-2014-2432 |
Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. Published: April 15, 2014; 10:55:16 PM -0400 |
V3.x:(not available) V2.0: 2.8 LOW |
CVE-2014-2431 |
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options. Published: April 15, 2014; 10:55:16 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2014-2430 |
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. Published: April 15, 2014; 10:55:15 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2014-2419 |
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. Published: April 15, 2014; 10:55:15 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2014-0384 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. Published: April 15, 2014; 8:55:23 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2013-5704 |
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." Published: April 15, 2014; 6:55:11 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-2497 |
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. Published: March 21, 2014; 10:55:12 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |