CVSS: 8.8EPSS: 0%CPEs: 38EXPL: 0CVE-2015-0433 – mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0433
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con InnoDB : DML. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was foun... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2015-0439 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0439
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : InnoDB, una vulnerabilidad diferente a CVE-2015-4756. Multiple vulnerabilities have... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-0499 – mysql: unspecified vulnerability related to Server:Federated (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0499
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.42 y anteriores, y 5.6.23 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Federated. MariaDB is a multi-user, multi-threaded SQL database server that is binary c... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-0505 – mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)
https://notcve.org/view.php?id=CVE-2015-0505
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.42 y anteriores, y 5.6.23 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con DDL. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL c... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2576
https://notcve.org/view.php?id=CVE-2015-2576
16 Apr 2015 — Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation. Vulnerabilidad no especificada en el componente MySQL Utilities en Oracle MySQL 1.5.1 y anteriores, cuando funciona en Windows, permite a usuarios locales afectar la integridad a través de vectores desconocidos relacionados con la instalación. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 8.8EPSS: 7%CPEs: 40EXPL: 0CVE-2015-0797 – Mozilla: Buffer overflow parsing H.264 video with Linux Gstreamer (MFSA 2015-47)
https://notcve.org/view.php?id=CVE-2015-0797
16 Apr 2015 — GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. GStreamer anterior a 1.4.5, utilizado en Mozilla Firefox anterior a 38.0, Firefox ESR 31.x anterior a 31.7, y Thunderbird anterior a 31.7 en Linux, permite a atacantes remotos causar una denegación de servi... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 48%CPEs: 160EXPL: 0CVE-2015-2808 – SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
https://notcve.org/view.php?id=CVE-2015-2808
01 Apr 2015 — The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. El algoritmo RC4, utilizado en el protocolo TLS y el prot... • http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 3%CPEs: 34EXPL: 0CVE-2014-8160 – kernel: iptables restriction bypass if a protocol handler kernel module not loaded
https://notcve.org/view.php?id=CVE-2014-8160
26 Feb 2015 — net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers. net/netfilter/nf_conntrack_proto_generic.c en el kernel de Linux anterior a 3.18 genera entradas conntrack incorrectas durante el manejo de ciertos juegos de reglas iptables para los protocolos... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db29a9508a9246e77087c5531e45b2c88ec6988b • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2015-0432 – mysql: unspecified vulnerability related to Server:InnoDB:DDL:Foreign Key (CPU Jan 2015)
https://notcve.org/view.php?id=CVE-2015-0432
21 Jan 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.40 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con Server : InnoDB : DDL : Foreign Key. Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix t... • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html •
CVSS: 9.1EPSS: 4%CPEs: 35EXPL: 0CVE-2015-0382 – mysql: unspecified vulnerability related to Server:Replication (CPU Jan 2015)
https://notcve.org/view.php?id=CVE-2015-0382
21 Jan 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.40 y anteriores y 5.6.21 y anteriores permita a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Replication, una vulnerabilidad diferente a CVE-2015-0381. Multip... • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html •