CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2016-5626 – mysql: unspecified vulnerability in subcomponent: Server: GIS (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-5626
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. Vulnerabilidad no especificada en Oracle MySQL 5.5.51 y versiones anteriores, 5.6.32 y versiones anteriores y 5.7.14 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con GIS. MariaDB is a multi-user, multi-threaded SQL database server. For all prac... • http://rhn.redhat.com/errata/RHSA-2016-2130.html •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5507 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-5507
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Vulnerabilidad no especificada en Oracle MySQL 5.6.32 y versiones anteriores y 5.7.14 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: InnoDB. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and man... • http://rhn.redhat.com/errata/RHSA-2016-2749.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5633 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-5633
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Performance Schema, una vulnerabilidad diferente a CVE-2016-8290. Multiple vulnerabilities have been found in MariaDB a... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8288 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB Plugin (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-8288
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin. Vulnerabilidad no especificada en Oracle MySQL 5.6.30 y versiones anteriores y 5.7.12 y versiones anteriores permite a usuarios remotos autenticados afectar la integridad a través de vectores relacionados con Server: InnoDB Plugin. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to ... • http://rhn.redhat.com/errata/RHSA-2016-1601.html • CWE-284: Improper Access Control •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8289 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-8289
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a usuarios locales afectar la integridad y la disponibilidad a través de vectores relacionados con Server: InnoDB. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8287 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-8287
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Replication. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less than 10.0... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 1.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8284 – mysql: unspecified vulnerability in subcomponent: Server: Replication (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-8284
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication. Vulnerabilidad no especificada en Oracle MySQL 5.6.31 y versiones anteriores y 5.7.13 y versiones anteriores permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con Server: Replication. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of a... • http://rhn.redhat.com/errata/RHSA-2016-1601.html •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-5584 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-5584
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption. Vulnerabilidad no especificada en Oracle MySQL 5.5.52 y versiones anteriores, 5.6.33 y versiones anteriores y 5.7.15 y versiones anteriores permite a administradores remotos afectar la confidencialidad a través de vectores relacionados con Server: Security: Encryption. Multiple security issues were... • http://www.debian.org/security/2016/dsa-3706 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-7440 – Slackware Security Advisory - mariadb Updates
https://notcve.org/view.php?id=CVE-2016-7440
25 Oct 2016 — The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. La implementación de software C de AES Encryption and Decryption en wolfSSL (anterioremtne CyaSSL) en versiones anteriores a 3.9.10 hace más fácil para usuarios locales descubrir las claves AES aprovechando las diferencias de tiempo de banco del cachè. Multiple security issues were discovered in MySQL and t... • http://www.debian.org/security/2016/dsa-3706 •
CVSS: 10.0EPSS: 2%CPEs: 30EXPL: 8CVE-2016-6662 – MySQL / MariaDB / PerconaDB 5.5.51/5.6.32/5.7.14 - Code Execution / Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-6662
12 Sep 2016 — Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL... • https://packetstorm.news/files/id/138678 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •