CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2016-1930 – Mozilla: Miscellaneous memory safety hazards (rv:38.6) (MFSA 2016-01)
https://notcve.org/view.php?id=CVE-2016-1930
27 Jan 2016 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox en versiones anteriores a 44.0 y Firefox ESR 38.x en versiones anteriores a 38.6 permiten a atacantes remotos causar una denegación de servicio (corru... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2016-1935 – Mozilla: Buffer overflow in WebGL after out of memory allocation (MFSA 2016-03)
https://notcve.org/view.php?id=CVE-2016-1935
27 Jan 2016 — Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content. Desbordamiento de buffer en la función BufferSubData en Mozilla Firefox en versiones anteriores a 44.0 y Firefox ESR 38.x en versiones anteriores a 38.6 permite a atacantes remotos ejecutar código arbitrario a través de contenido WebGL manipulado. Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carst... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 1%CPEs: 16EXPL: 0CVE-2016-2047 – mysql: ssl-validate-cert incorrect hostname check
https://notcve.org/view.php?id=CVE-2016-2047
26 Jan 2016 — The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated ... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html • CWE-254: 7PK - Security Features CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 0CVE-2016-0609 – mysql: unspecified vulnerability in subcomponent: Server: Security: Privileges (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0609
21 Jan 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 ... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html •
CVSS: 8.1EPSS: 0%CPEs: 50EXPL: 0CVE-2016-0616 – mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0616
21 Jan 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a t... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html •
CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 0CVE-2016-0505 – mysql: unspecified vulnerability in subcomponent: Server: Options (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0505
21 Jan 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 per... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html •
CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 0CVE-2016-0546 – mysql: unspecified vulnerability in subcomponent: Client (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0546
21 Jan 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impac... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 23EXPL: 0CVE-2016-0596 – mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0596
21 Jan 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores y 5.6.27 y versiones anteriores y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos aut... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html •
CVSS: 8.1EPSS: 0%CPEs: 24EXPL: 0CVE-2016-0597 – mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0597
21 Jan 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 p... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html •
CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 0CVE-2016-0598 – mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0598
21 Jan 2016 — Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuar... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html •