Page 22 of 199 results (0.017 seconds)

CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : InnoDB, una vulnerabilidad diferente a CVE-2015-0439. • http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html http://rhn.redhat.com/errata/RHSA-2015-1630.html http://rhn.redhat.com/errata/RHSA-2015-1646.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75785 http://www.securitytracker.com/id/1032911 https://security.gentoo.org/glsa/201610-06 https://access.redhat.com/security/cve/CVE-2015-4756 https://bugzilla.redhat.com/show_bug.cgi?id=1244780 •

CVSS: 4.0EPSS: 0%CPEs: 5EXPL: 0

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.24 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con RBR. • http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html http://rhn.redhat.com/errata/RHSA-2015-1630.html http://rhn.redhat.com/errata/RHSA-2015-1646.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75835 http://www.securitytracker.com/id/1032911 http://www.ubuntu.com/usn/USN-2674-1 https://security.gentoo.org/glsa/201610-06 https://access.redhat.com/security/cve/CVE-2015-4771 https://bugzilla.redhat •

CVSS: 4.0EPSS: 0%CPEs: 5EXPL: 0

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.24 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Memcached. • http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html http://rhn.redhat.com/errata/RHSA-2015-1630.html http://rhn.redhat.com/errata/RHSA-2015-1646.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75770 http://www.securitytracker.com/id/1032911 http://www.ubuntu.com/usn/USN-2674-1 https://access.redhat.com/security/cve/CVE-2015-4761 https://bugzilla.redhat.com/show_bug.cgi?id=1244782 •

CVSS: 4.0EPSS: 0%CPEs: 5EXPL: 0

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.24 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Partition. • http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html http://rhn.redhat.com/errata/RHSA-2015-1630.html http://rhn.redhat.com/errata/RHSA-2015-1646.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75781 http://www.securitytracker.com/id/1032911 http://www.ubuntu.com/usn/USN-2674-1 https://security.gentoo.org/glsa/201610-06 https://access.redhat.com/security/cve/CVE-2015-4772 https://bugzilla.redhat •

CVSS: 5.9EPSS: 0%CPEs: 27EXPL: 1

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack. Oracle MySQL en versiones anteriores a 5.7.3, Oracle MySQL Connector/C (también conocido como libmysqlclient) en versiones anteriores a 6.1.3 y MariaDB en versiones anteriores a 5.5.44 utiliza la opción --ssl significa que SSL es opcional, lo que permite a atacantes man-in-the-middle suplantar servidores a través de un ataque de degradación de texto plano, también conocida como un ataque "BACKRONYM". It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. • http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html http://rhn.redhat.com/errata/RHSA-2015-1646.html http://rhn.redhat.com/errata/RHSA-2015-1647.html http://rhn& • CWE-295: Improper Certificate Validation •