Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2014-12-16	CVE-2014-8964	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. network low complexity pcre mariadb fedoraproject opensuse oracle redhat CWE-119	5.0
2014-06-05	CVE-2014-3469	Null Pointer Dereference vulnerability in multiple products The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. network low complexity gnu redhat debian suse CWE-476	5.0
2014-06-05	CVE-2014-3467	Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. network low complexity gnu redhat debian suse f5	5.0
2014-04-30	CVE-2014-1530	Cross-Site Scripting vulnerability in multiple products The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation. network mozilla fedoraproject canonical debian redhat opensuse suse CWE-79	4.3
2014-04-30	CVE-2014-1523	Out-Of-Bounds Write vulnerability in multiple products Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. network mozilla fedoraproject debian canonical redhat opensuse suse CWE-787	4.3
2014-04-16	CVE-2014-2440	Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. network high complexity oracle mariadb redhat	5.1
2014-04-16	CVE-2014-2436	Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. network low complexity oracle mariadb redhat	6.5
2014-04-16	CVE-2014-2419	Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. network low complexity oracle mariadb redhat	4.0
2014-04-16	CVE-2014-0384	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. network low complexity oracle mariadb redhat	4.0
2014-03-19	CVE-2014-1509	Classic Buffer Overflow vulnerability in Mozilla products Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. network mozilla redhat canonical suse opensuse CWE-120	6.8