Page 21 of 158 results (0.012 seconds)

CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.5.51 y versiones anteriores, 5.6.32 y versiones anteriores y 5.7.14 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con Server: Optimizer. • http://rhn.redhat.com/errata/RHSA-2016-2130.html http://rhn.redhat.com/errata/RHSA-2016-2131.html http://rhn.redhat.com/errata/RHSA-2016-2595.html http://rhn.redhat.com/errata/RHSA-2016-2749.html http://rhn.redhat.com/errata/RHSA-2016-2927.html http://rhn.redhat.com/errata/RHSA-2016-2928.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93650 http://www.securitytracker.com/id/1037050 https://mariadb.co •

CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption. Vulnerabilidad no especificada en Oracle MySQL 5.5.52 y versiones anteriores, 5.6.33 y versiones anteriores y 5.7.15 y versiones anteriores permite a administradores remotos afectar la confidencialidad a través de vectores relacionados con Server: Security: Encryption. • http://www.debian.org/security/2016/dsa-3706 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93735 http://www.securitytracker.com/id/1037050 https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes https://security.gentoo.org/glsa/201701-01 •

CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL 5.5.51 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con DML. • http://rhn.redhat.com/errata/RHSA-2016-2130.html http://rhn.redhat.com/errata/RHSA-2016-2131.html http://rhn.redhat.com/errata/RHSA-2016-2595.html http://rhn.redhat.com/errata/RHSA-2016-2927.html http://rhn.redhat.com/errata/RHSA-2016-2928.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93635 http://www.securitytracker.com/id/1037050 https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes https:/& •

CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. Vulnerabilidad no especificada en Oracle MySQL 5.5.51 y versiones anteriores, 5.6.32 y versiones anteriores y 5.7.14 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con GIS. • http://rhn.redhat.com/errata/RHSA-2016-2130.html http://rhn.redhat.com/errata/RHSA-2016-2131.html http://rhn.redhat.com/errata/RHSA-2016-2595.html http://rhn.redhat.com/errata/RHSA-2016-2749.html http://rhn.redhat.com/errata/RHSA-2016-2927.html http://rhn.redhat.com/errata/RHSA-2016-2928.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93638 http://www.securitytracker.com/id/1037050 https://mariadb.co •

CVSS: 10.0EPSS: 0%CPEs: 30EXPL: 4

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15. Oracle MySQL hasta la versión 5.5.52, 5.6.x hasta la versión 5.6.33 y 5.7.x hasta la versión 5.7.15; MariaDB en versiones anteriores a 5.5.51, 10.0.x en versiones anteriores a 10.0.27 y 10.1.x en versiones anteriores a 10.1.17; y Percona Server en versiones anteriores a 5.5.51-38.1, 5.6.x en versiones anteriores a 5.6.32-78.0 y 5.7.x en versiones anteriores a 5.7.14-7 permiten a usuarios locales crear configuraciones arbitrarias y eludir ciertos mecanismos de protección estableciendo general_log_file a una configuración my.cnf NOTA: esto puede ser aprovechado para ejecutar código arbitrario con privilegios root estableciendo malloc_lib. • https://www.exploit-db.com/exploits/40360 https://github.com/MAYASEVEN/CVE-2016-6662 https://github.com/KosukeShimofuji/CVE-2016-6662 https://github.com/konstantin-kelemen/mysqld_safe-CVE-2016-6662-patch http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html http://rhn.redhat.com/errata/RHSA-2016-2058.html http://rhn.redhat.com/errata/RHSA-2016-2059.html http://rhn.redhat.com/errata/RHSA-2016-2060.html http://rhn.redhat.com/errat • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •