CVE-2016-7440
https://notcve.org/view.php?id=CVE-2016-7440
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. La implementación de software C de AES Encryption and Decryption en wolfSSL (anterioremtne CyaSSL) en versiones anteriores a 3.9.10 hace más fácil para usuarios locales descubrir las claves AES aprovechando las diferencias de tiempo de banco del cachè. • http://www.debian.org/security/2016/dsa-3706 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93659 http://www.securitytracker.com/id/1037050 https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.html •
CVE-2016-5635
https://notcve.org/view.php?id=CVE-2016-5635
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Security: Audit. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93715 http://www.securitytracker.com/id/1037050 https://security.gentoo.org/glsa/201701-01 •
CVE-2016-5633
https://notcve.org/view.php?id=CVE-2016-5633
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Performance Schema, una vulnerabilidad diferente a CVE-2016-8290. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93702 http://www.securitytracker.com/id/1037050 https://security.gentoo.org/glsa/201701-01 •
CVE-2016-5626 – mysql: unspecified vulnerability in subcomponent: Server: GIS (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-5626
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. Vulnerabilidad no especificada en Oracle MySQL 5.5.51 y versiones anteriores, 5.6.32 y versiones anteriores y 5.7.14 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con GIS. • http://rhn.redhat.com/errata/RHSA-2016-2130.html http://rhn.redhat.com/errata/RHSA-2016-2131.html http://rhn.redhat.com/errata/RHSA-2016-2595.html http://rhn.redhat.com/errata/RHSA-2016-2749.html http://rhn.redhat.com/errata/RHSA-2016-2927.html http://rhn.redhat.com/errata/RHSA-2016-2928.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93638 http://www.securitytracker.com/id/1037050 https://mariadb.co •
CVE-2016-8288 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB Plugin (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-8288
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin. Vulnerabilidad no especificada en Oracle MySQL 5.6.30 y versiones anteriores y 5.7.12 y versiones anteriores permite a usuarios remotos autenticados afectar la integridad a través de vectores relacionados con Server: InnoDB Plugin. • http://rhn.redhat.com/errata/RHSA-2016-1601.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93740 http://www.securitytracker.com/id/1037050 https://security.gentoo.org/glsa/201701-01 https://access.redhat.com/security/cve/CVE-2016-8288 https://bugzilla.redhat.com/show_bug.cgi?id=1386590 • CWE-284: Improper Access Control •