CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3458 – mysql: Server: DML unspecified vulnerability (CPU Apr 2017)
https://notcve.org/view.php?id=CVE-2017-3458
24 Apr 2017 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3459 – mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)
https://notcve.org/view.php?id=CVE-2017-3459
24 Apr 2017 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3460 – mysql: Server: Audit Plug-in unspecified vulnerability (CPU Apr 2017)
https://notcve.org/view.php?id=CVE-2017-3460
24 Apr 2017 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 9.8EPSS: 1%CPEs: 46EXPL: 0CVE-2016-9843 – zlib: Big-endian out-of-bounds pointer
https://notcve.org/view.php?id=CVE-2016-9843
23 Jan 2017 — The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. La función crc32_big en crc32.c in zlib 1.2.8 podría permitir que atacantes dependientes del contexto causen impactos no especificados mediante vectores que implican cálculos CRC big-endian. It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html •
CVSS: 8.8EPSS: 1%CPEs: 36EXPL: 0CVE-2016-9840 – zlib: Out-of-bounds pointer arithmetic in inftrees.c
https://notcve.org/view.php?id=CVE-2016-9840
23 Jan 2017 — inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Inftrees.c en zlib 1.2.8 podría permitir que los atacantes dependientes del contexto tener un impacto no especificado al aprovechar la aritmética de puntero incorrecta. It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. It ... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html •
CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0CVE-2016-9841 – zlib: Out-of-bounds pointer arithmetic in inffast.c
https://notcve.org/view.php?id=CVE-2016-9841
23 Jan 2017 — inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. inffast.c en zlib 1.2.8 puede permitir que atacantes dependientes del contexto causen un impacto no especificado aprovechando una aritmética de puntero incorrecta.. It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. It was d... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html •
CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0CVE-2016-9842 – zlib: Undefined left shift of negative number
https://notcve.org/view.php?id=CVE-2016-9842
23 Jan 2017 — The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. La función inflateMark en inflate.c en zlib 1.2.8 podría permitir que los atacantes dependientes del contexto tener un impacto no especificado a través de vectores que implican cambios a la izquierda de enteros negativos. It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to ca... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3320 – mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2017)
https://notcve.org/view.php?id=CVE-2017-3320
20 Jan 2017 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 6.3EPSS: 0%CPEs: 19EXPL: 0CVE-2017-3291 – mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)
https://notcve.org/view.php?id=CVE-2017-3291
20 Jan 2017 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL ... • http://www.debian.org/security/2017/dsa-3767 • CWE-426: Untrusted Search Path •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2017-3244 – mysql: Server: DML unspecified vulnerability (CPU Jan 2017)
https://notcve.org/view.php?id=CVE-2017-3244
20 Jan 2017 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Ava... • http://www.debian.org/security/2017/dsa-3767 •