Page 20 of 317 results (0.024 seconds)

CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0

CVE-2016-3477 – mysql: unspecified vulnerability in subcomponent: Server: Parser (CPU July 2016)

https://notcve.org/view.php?id=CVE-2016-3477

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser. Vulnerabilidad no especificada en Oracle MySQL 5.5.49 y versiones anteriores, 5.6.30 y versiones anteriores y 5.7.12 y versiones anteriores y MariaDB en versiones anteriores a 5.5.50, 10.0.x en versiones anteriores a 10.0.26 y 10.1.x en versiones anteriores a 10.1.15 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Server: Parser. • http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html http://rhn.redhat.com/errata/RHSA-2016-1480.html http://rhn.redhat.com/errata/RHSA-2016-1601.html http://rhn.redhat.com/errata/RHSA-2016-1602.html http://rhn.redhat.com/errata/RHSA-2016-1603.html http://rhn.redhat.com/errata/RHSA-2016-1604.html http://rhn.redhat.com/errata/RHSA-2016-1637.html http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 http://www.debian.org/security/2016/dsa-3624 •

CVSS: 4.3EPSS: 0%CPEs: 26EXPL: 0

CVE-2016-5444 – mysql: unspecified vulnerability in subcomponent: Server: Connection (CPU July 2016)

https://notcve.org/view.php?id=CVE-2016-5444

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores y MariaDB en versiones anteriores a 5.5.49, 10.0.x en versiones anteriores a 10.0.25 y 10.1.x en versiones anteriores a 10.1.14 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Server: Connection. • http://rhn.redhat.com/errata/RHSA-2016-0705.html http://rhn.redhat.com/errata/RHSA-2016-1480.html http://rhn.redhat.com/errata/RHSA-2016-1481.html http://rhn.redhat.com/errata/RHSA-2016-1602.html http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid •

CVSS: 9.6EPSS: 1%CPEs: 6EXPL: 0

CVE-2016-3587 – Oracle Java MethodHandle Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-3587

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Hotspot. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the MethodHandle class. Due to unsafe handling of reflection of privileged classes inside the MethodHandle class, it is possible for untrusted code to gain access to privileged methods and properties. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91904 http://www.securitytracker.com/id/1036365 http://ww •

CVSS: 9.6EPSS: 1%CPEs: 7EXPL: 0

CVE-2016-3598 – Oracle Java MethodHandles dropArguments Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-3598

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610. Vulnerabilidad no especificada en Oracle Java SE 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Libraries, una vulnerabilidad diferente a CVE-2016-3610. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of MethodHandles' dropArguments method. Due to unsafe handling of reflection of privileged classes inside the MethodHandles class, it is possible for untrusted code to gain access to privileged methods and properties. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-09 •

CVSS: 9.6EPSS: 1%CPEs: 9EXPL: 0

CVE-2016-3606 – Oracle Java Uninitialized Object Generation Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-3606

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 7u101 y 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad, la integridad y disponibilidad a través de vectores relacionados con Hotspot. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the runtime evaluates uninitialized objects that are not compiler generated. Due to unsafe handling of privileged classes within the uninitialized objects, it is possible for untrusted code to gain access to privileged methods and properties. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028. •