CVE-2014-2623 (storage_data_protector)

Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.

Source: CVE-2014-2623 (storage_data_protector)

CVE-2014-4260 (debian_linux, mysql, solaris, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

Source: CVE-2014-4260 (debian_linux, mysql, solaris, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit)

CVE-2014-4258 (debian_linux, mysql, solaris, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit, vcenter_server_appliance)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

Source: CVE-2014-4258 (debian_linux, mysql, solaris, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit, vcenter_server_appliance)

CVE-2014-4243 (mysql, solaris, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.

Source: CVE-2014-4243 (mysql, solaris, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit)

CVE-2013-6691 (adaptive_security_appliance_software)

The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.

Source: CVE-2013-6691 (adaptive_security_appliance_software)

CVE-2013-5567 (adaptive_security_appliance_software)

Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606.

Source: CVE-2013-5567 (adaptive_security_appliance_software)

CVE-2014-2780 (windows_7, windows_8, windows_8.1, windows_server_2008, windows_server_2012, windows_vista)

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges by leveraging control over a low-integrity process to execute a crafted application, aka "DirectShow Elevation of Privilege Vulnerability."

Source: CVE-2014-2780 (windows_7, windows_8, windows_8.1, windows_server_2008, windows_server_2012, windows_vista)

CVE-2014-1824 (windows_7, windows_8, windows_8.1, windows_rt, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_vista)

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted Journal (aka .JNT) file, aka "Windows Journal Remote Code Execution Vulnerability."

Source: CVE-2014-1824 (windows_7, windows_8, windows_8.1, windows_rt, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_vista)

CVE-2014-1767 (windows_7, windows_8, windows_8.1, windows_rt, windows_rt_8.1, windows_server_2003, windows_server_2008, windows_server_2012, windows_vista)

Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

Source: CVE-2014-1767 (windows_7, windows_8, windows_8.1, windows_rt, windows_rt_8.1, windows_server_2003, windows_server_2008, windows_server_2012, windows_vista)

CVE-2014-2510 (centerstage, documentum_foundation_services, my_documentum_for_desktop, my_documentum_for_microsoft_outlook)

The JAXB XML parser in EMC Documentum Foundation Services (DFS) 6.6 before P39, 6.7 SP1 before P28, and 6.7 SP2 before P15, as used in My Documentum for Desktop, My Documentum for Microsoft Outlook, and CenterStage, allows remote authenticated users to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Source: CVE-2014-2510 (centerstage, documentum_foundation_services, my_documentum_for_desktop, my_documentum_for_microsoft_outlook)