Enterprise Linux Server TUS

DATE	CVE	VULNERABILITY TITLE	RISK
2014-04-30	CVE-2014-1524	Classic Buffer Overflow vulnerability in multiple products The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. network low complexity mozilla canonical debian redhat opensuse suse fedoraproject CWE-120	7.5
2014-04-30	CVE-2014-1523	Out-Of-Bounds Write vulnerability in multiple products Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. network mozilla fedoraproject debian canonical redhat opensuse suse CWE-787	4.3
2014-04-30	CVE-2014-1518	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. network mozilla fedoraproject canonical debian redhat opensuse suse critical	9.3
2014-04-16	CVE-2014-2440	Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. network high complexity oracle mariadb redhat	5.1
2014-04-16	CVE-2014-2438	Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. network oracle mariadb redhat	3.5
2014-04-16	CVE-2014-2436	Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. network low complexity oracle mariadb redhat	6.5
2014-04-16	CVE-2014-2432	Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. network oracle redhat mariadb	2.8
2014-04-16	CVE-2014-2430	Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. network oracle mariadb redhat	3.5
2014-04-16	CVE-2014-2419	Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. network low complexity oracle mariadb redhat	4.0
2014-04-16	CVE-2014-0384	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. network low complexity oracle mariadb redhat	4.0