Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-4815 |
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL. Published: October 21, 2015; 5:59:30 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2015-4802 |
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. Published: October 21, 2015; 5:59:19 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2015-4792 |
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802. Published: October 21, 2015; 5:59:09 PM -0400 |
V3.x:(not available) V2.0: 1.7 LOW |
CVE-2015-0275 |
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request. Published: October 19, 2015; 6:59:00 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-9751 |
The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address. Published: October 05, 2015; 9:59:02 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2014-9750 |
ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field. Published: October 05, 2015; 9:59:00 PM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2015-6248 |
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Published: August 24, 2015; 7:59:08 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-6246 |
The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Published: August 24, 2015; 7:59:06 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-6245 |
epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. Published: August 24, 2015; 7:59:05 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-6244 |
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Published: August 24, 2015; 7:59:04 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-6243 |
The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions. Published: August 24, 2015; 7:59:03 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-1819 |
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Published: August 14, 2015; 2:59:03 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-0253 |
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI. Published: July 20, 2015; 7:59:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-4024 |
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. Published: June 09, 2015; 2:59:06 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-3330 |
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter." Published: June 09, 2015; 2:59:03 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-3329 |
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. Published: June 09, 2015; 2:59:02 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-3812 |
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. Published: May 26, 2015; 11:59:06 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2015-3811 |
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. Published: May 26, 2015; 11:59:05 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-3455 |
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate. Published: May 18, 2015; 11:59:11 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2015-1351 |
Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Published: March 30, 2015; 6:59:07 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |