Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
Category Archives: NVD
National Vulnerability Database – This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
CVE-2012-6086 (zabbix)
libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVE-2014-1252 (iphone_os, mac_os_x, pages)
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file.
CVE-2013-5987 (gpu_driver, mac_os_x)
Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors.
CVE-2013-5870 (enterprise_linux_desktop_supplementary, enterprise_linux_hpc_node_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_aus, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary, javafx, jdk, jre)
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
CVE-2014-0418 (enterprise_linux_desktop_supplementary, enterprise_linux_hpc_node_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_aus, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary, jdk, jre)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424.
CVE-2014-0382 (enterprise_linux_desktop_supplementary, enterprise_linux_hpc_node_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_aus, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary, javafx, jdk, jre)
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.
CVE-2013-5895 (enterprise_linux_desktop_supplementary, enterprise_linux_hpc_node_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_aus, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary, javafx, jdk, jre)
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.
CVE-2013-5906 (enterprise_linux_desktop_supplementary, enterprise_linux_hpc_node_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_aus, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary, jdk, jre)
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905.
CVE-2013-5904 (enterprise_linux_desktop_supplementary, enterprise_linux_hpc_node_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_aus, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary, jdk, jre)
Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.