13.10

DATE	CVE	VULNERABILITY TITLE	RISK
2014-02-06	CVE-2014-1479	The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes. network low complexity mozilla canonical debian redhat fedoraproject opensuse suse	7.5
2014-02-06	CVE-2014-1477	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. network low complexity mozilla canonical debian redhat fedoraproject opensuse suse critical	9.8
2014-01-26	CVE-2013-6891	Link Following vulnerability in multiple products lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. local high complexity apple canonical CWE-59	1.2
2014-01-15	CVE-2014-0437	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. network oracle debian canonical mariadb redhat	3.5
2014-01-15	CVE-2014-0420	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. network oracle debian canonical redhat mariadb	2.8
2014-01-15	CVE-2014-0412	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. network low complexity oracle mariadb canonical debian redhat	4.0
2014-01-15	CVE-2014-0402	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. network low complexity oracle mariadb canonical debian redhat	4.0
2014-01-15	CVE-2014-0401	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. network low complexity oracle mariadb canonical debian redhat	4.0
2014-01-15	CVE-2014-0386	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. network low complexity oracle mariadb canonical debian redhat	4.0
2014-01-15	CVE-2013-5891	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. network low complexity oracle mariadb canonical debian redhat	4.0