Security
Headlines
HeadlinesLatestCVEs

Tag

#ssh

CVE-2016-3471: Oracle Critical Patch Update - July 2016

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.

CVE
Open in Source
#sql#vulnerability#web#mac#windows#apple#google#linux#cisco#js#java#oracle#kubernetes#intel#auth#ssh#zero_day#postgres#docker#sap#ssl
CVE-2015-6289: Cisco Security Advisory: Cisco IOS and Cisco IOS XE Software TCP Denial of Service Vulnerability

Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and 829 devices allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets on the SSH port, aka Bug ID CSCuu13476.

CVE-2016-0642: Oracle Critical Patch Update Advisory - April 2016

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

CVE-2015-2906: Fast and Vulnerable: A Story of Telematic Failures

Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, store SSH private keys that are the same across different customers' installations, which makes it easier for remote attackers to obtain access by leveraging knowledge of a private key from another installation.

CVE-2015-2710: Buffer overflow with SVG content and CSS

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.

CVE-2015-0391: Oracle Critical Patch Update Advisory - January 2015

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

CVE-2015-0395: Oracle Critical Patch Update Advisory - January 2015

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2014-4288: Oracle Critical Patch Update - October 2014

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532.

CVE-2014-6469: Oracle Critical Patch Update - October 2014

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.

CVE-2014-3479: PHP: PHP 5 ChangeLog

The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file.