2015-02-03 | CVE-2014-9328 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition." | 7.5 |
2015-02-01 | CVE-2014-8630 | Command Injection vulnerability in multiple products Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name. | 6.5 |
2015-01-23 | CVE-2014-9639 | Local Denial of Service vulnerability in Vorbis Tools Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. | 5.0 |
2015-01-23 | CVE-2014-9638 | Local Denial of Service vulnerability in Vorbis Tools oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. | 5.0 |
2015-01-21 | CVE-2015-0432 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key. | 4.0 |
2015-01-21 | CVE-2015-0411 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption. | 7.5 |
2015-01-21 | CVE-2015-1038 | Link Following vulnerability in multiple products p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. | 5.8 |
2015-01-21 | CVE-2015-0407 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing. | 5.0 |
2015-01-21 | CVE-2015-0383 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. | 5.4 |
2015-01-21 | CVE-2015-0382 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381. | 4.3 |