CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-7837 – kernel: securelevel disabled after kexec
https://notcve.org/view.php?id=CVE-2015-7837
20 Nov 2015 — The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot. El kernel de Linux, tal y como se emplea en Red Hat Enterprise Linux 7, kernel-rt y Enterprise MRG 2 y cuando se emplea con UEFI Secure Boot habilitado, permite que usuarios locales omitan las restricciones securelevel/secureboot... • http://rhn.redhat.com/errata/RHSA-2015-2152.html • CWE-254: 7PK - Security Features CWE-456: Missing Initialization of a Variable •
CVSS: 5.5EPSS: 1%CPEs: 158EXPL: 1CVE-2015-7981 – libpng: Out-of-bounds read in png_convert_to_rfc1123
https://notcve.org/view.php?id=CVE-2015-7981
19 Nov 2015 — The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read. La función png_convert_to_rfc1123 en png.c en libpng 1.0.x en versiones anteriores a 1.0.64, 1.2.x en versiones anteriores a 1.2.54 y 1.4.x en versiones anteriores a 1.4.17 permite a atacantes remotos obtener información sensible de la ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.7EPSS: 6%CPEs: 62EXPL: 0CVE-2015-8126 – libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
https://notcve.org/view.php?id=CVE-2015-8126
13 Nov 2015 — Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. Múltiples desbordamientos de buffer en las funciones (1) png_set_PLTE y (2) png_get_PLTE en libpng en ver... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0CVE-2015-4913 – mysql: unspecified vulnerability related to Server:DML (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4913
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con Server : DML, una vulnerabilidad diferente a CVE-2015-4858.... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0CVE-2015-4836 – mysql: unspecified vulnerability related to Server:SP (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4836
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : SP. MariaDB is a multi-user, multi-threaded SQL database server. For all ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 6.5EPSS: 0%CPEs: 34EXPL: 0CVE-2015-4858 – mysql: unspecified vulnerability related to Server:DML (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4858
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con DML, una vulnerabilidad diferente a CVE-2015-4913. MariaDB is a m... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0CVE-2015-4861 – mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4861
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : InnoDB. MariaDB is a multi-user, multi-threaded SQL database server. ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 8.6EPSS: 0%CPEs: 30EXPL: 0CVE-2015-4864 – mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4864
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.43 y versiones anteriores y 5.6.24 y versiones anteriores permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos relacionados con Server : Security : Privileges. Multiple security issues were discovered ... • http://rhn.redhat.com/errata/RHSA-2015-1628.html •
CVSS: 8.8EPSS: 0%CPEs: 32EXPL: 0CVE-2015-4879 – mysql: unspecified vulnerability related to Server:DML (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4879
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.44 y versiones anteriores y 5.6.25 y versiones anteriores, permite a usuarios remotos autenticados afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con DML. MariaDB is a multi-user, multi-threaded SQL... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 6.5EPSS: 14%CPEs: 34EXPL: 4CVE-2015-4870 – MySQL 5.5.45 - procedure analyse Function Denial of Service
https://notcve.org/view.php?id=CVE-2015-4870
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : Parser. MariaDB is a multi-user, multi-threaded SQL database server. ... • https://packetstorm.news/files/id/137232 •