CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2016-0647 – mysql: unspecified vulnerability in subcomponent: Server: FTS (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0647
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores y MariaDB en versiones anteriores a 5.5.49, 10.0.x en versiones anteriores a 10.0.25 y 10.1.x en versiones anteriores a 1... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2016-0648 – mysql: unspecified vulnerability in subcomponent: Server: PS (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0648
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores y MariaDB en versiones anteriores a 5.5.49, 10.0.x en versiones anteriores a 10.0.25 y 10.1.x en versiones anteriores a 10... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2016-0649 – mysql: unspecified vulnerability in subcomponent: Server: PS (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0649
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS. Vulnerabilidad no especificada en Oracle MySQL 5.5.47 y versiones anteriores, 5.6.28 y versiones anteriores y 5.7.10 y versiones anteriores y MariaDB en versiones anteriores a 5.5.48, 10.0.x en versiones anteriores a 10.0.24 y 10.1.x en versiones anteriores a 10... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2016-0650 – mysql: unspecified vulnerability in subcomponent: Server: Replication (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0650
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication. Vulnerabilidad no especificada en Oracle MySQL 5.5.47 y versiones anteriores, 5.6.28 y versiones anteriores y 5.7.10 y versiones anteriores y MariaDB en versiones anteriores a 5.5.48, 10.0.x en versiones anteriores a 10.0.24 y 10.1.x en versiones anteri... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2016-0655 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0655
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB. Vulnerabilidad no especificada en Oracle MySQL 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores y MariaDB 10.0.x en versiones anteriores a 10.0.25 y 10.1.x en versiones anteriores a 10.1.14 permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con I... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2016-0666 – mysql: unspecified vulnerability in subcomponent: Server: Security: Privileges (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0666
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores y MariaDB en versiones anteriores a 5.5.49, 10.0.x en versiones anteriores a 10.0.25 y 10.1.x en version... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html •
CVSS: 4.1EPSS: 0%CPEs: 18EXPL: 0CVE-2016-0668 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0668
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB. Vulnerabilidad no especificada en Oracle MySQL 5.6.28 y versiones anteriores y 5.7.10 y versiones anteriores y MariaDB 10.0.x en versiones anteriores a 10.0.24 y 10.1.x en versiones anteriores a 10.1.12 permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con I... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 0CVE-2016-0651 – mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0651
21 Apr 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores permite a usuarios locales afectar a la disponibilidad a través de vectores relacionados con Optimizer. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library,... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html •
CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 0CVE-2016-2047 – mysql: ssl-validate-cert incorrect hostname check
https://notcve.org/view.php?id=CVE-2016-2047
26 Jan 2016 — The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated ... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html • CWE-254: 7PK - Security Features CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 1%CPEs: 7EXPL: 2CVE-2015-7744
https://notcve.org/view.php?id=CVE-2015-7744
22 Jan 2016 — wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack. wolfSSL (anteriormente CyaSSL) en versiones anteriores a 3.6.8 no maneja correctamente fallos asociados con el proceso Chinese Remainder Theorem (CRT) cuando permiten el interca... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html •