Page 103 of 580 results (0.009 seconds)

CVSS: 1.7EPSS: 0%CPEs: 24EXPL: 0

CVE-2016-0609 – mysql: unspecified vulnerability in subcomponent: Server: Security: Privileges (CPU January 2016)

https://notcve.org/view.php?id=CVE-2016-0609

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con los privilegios. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http:&# •

CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 0

CVE-2016-0605 – mysql: unspecified vulnerability in subcomponent: Server: General (CPU January 2016)

https://notcve.org/view.php?id=CVE-2016-0605

Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en Oracle MySQL 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securityfocus.com/bid/81253 http://www.securitytracker.com/id/1034708 https://access.redhat.com/security/cve/CVE-2016-0605 https://bugzilla.redhat.com/show_bug.cgi?id=1301503 •

CVSS: 3.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2016-0608 – mysql: unspecified vulnerability in subcomponent: Server: UDF (CPU January 2016)

https://notcve.org/view.php?id=CVE-2016-0608

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con UDF. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http:&# •

CVSS: 8.4EPSS: 0%CPEs: 12EXPL: 0

CVE-2016-1572

https://notcve.org/view.php?id=CVE-2016-1572

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid. mount.ecryptfs_private.c en eCryptfs-utils no valida el destino de montaje de los tipos de archivos de sistema, lo que permite a usuarios locales obtener privilegios mediante el montaje sobre un sistema de archivos no estándar, según lo demostrado por /proc/$pid. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177359.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177396.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00091.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00004.html http://www.debian.org/security/2016/dsa-3450 http://www.openwall.com/lists/oss-security/2016/01/20/6 http://www.securitytracker.com • CWE-269: Improper Privilege Management •

CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 1

CVE-2016-1898

https://notcve.org/view.php?id=CVE-2016-1898

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file. FFmpeg 2.x permite a atacantes remotos llevar a cabo ataques de origen cruzado y leer archivos arbitrarios usando el protocolo subfile en un archivo HTTP Live Streaming (HLS) M3U8, dando lugar a una petición HTTP externa en la que la cadena URL contiene una línea arbitraria de un archivo local. • http://habrahabr.ru/company/mailru/blog/274855 http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html http://www.debian.org/security/2016/dsa-3506 http://www.openwall.com/lists/oss-security/2016/01/14/1 http://www.securityfocus.com/bid/80501 http://www.securitytracker.com/id/1034932 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036 http://www.ubuntu.com/usn/USN-2944-1 https://security.gentoo.org/glsa&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •