CVSS: 8.6EPSS: 0%CPEs: 33EXPL: 0CVE-2015-4826 – mysql: unspecified vulnerability related to Server:Types (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4826
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la confidencialidad a través de vectores desconocidos relacionados con Server : Types. MariaDB is a multi-user, multi-threaded SQL database server. ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 8.6EPSS: 0%CPEs: 37EXPL: 0CVE-2015-4830 – mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4830
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos relacionados con Server : Security : Privileges. MariaDB is a multi-user, multi-threaded S... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0CVE-2015-4792 – mysql: unspecified vulnerability related to Server:Partition (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4792
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : Partition, una vulnerab... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 6.5EPSS: 0%CPEs: 34EXPL: 0CVE-2015-4802 – mysql: unspecified vulnerability related to Server:Partition (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4802
21 Oct 2015 — Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : Partition, una vulnerab... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html •
CVSS: 7.5EPSS: 2%CPEs: 45EXPL: 0CVE-2015-7691 – ntp: incomplete checks in ntp_crypto.c
https://notcve.org/view.php?id=CVE-2015-7691
21 Oct 2015 — The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio empleando paquetes manipulados que conte... • http://rhn.redhat.com/errata/RHSA-2016-0780.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 3%CPEs: 45EXPL: 0CVE-2015-7692 – ntp: incomplete checks in ntp_crypto.c
https://notcve.org/view.php?id=CVE-2015-7692
21 Oct 2015 — The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-9750. It was found t... • http://rhn.redhat.com/errata/RHSA-2016-0780.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 3%CPEs: 45EXPL: 0CVE-2015-7701 – ntp: slow memory leak in CRYPTO_ASSOC
https://notcve.org/view.php?id=CVE-2015-7701
21 Oct 2015 — Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). Una fuga de memoria en la función CRYPTO_ASSOC en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria). A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd was configured to use autokey authenticat... • http://rhn.redhat.com/errata/RHSA-2016-0780.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 45EXPL: 0CVE-2015-7702 – ntp: incomplete checks in ntp_crypto.c
https://notcve.org/view.php?id=CVE-2015-7702
21 Oct 2015 — The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-9750. It was found t... • http://rhn.redhat.com/errata/RHSA-2016-0780.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 3%CPEs: 45EXPL: 0CVE-2015-7703 – ntp: config command can be used to set the pidfile and drift file paths
https://notcve.org/view.php?id=CVE-2015-7703
21 Oct 2015 — The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command. Las directivas "pidfile" o "driftfile" en NTP ntpd versión 4.2.x anterior a 4.2.8p4, y versión 4.3.x anterior a 4.3.77, cuando ntpd está configurado para perm... • http://rhn.redhat.com/errata/RHSA-2016-0780.html • CWE-20: Improper Input Validation CWE-73: External Control of File Name or Path •
CVSS: 7.5EPSS: 52%CPEs: 58EXPL: 0CVE-2015-7704 – ntp: disabling synchronization via crafted KoD packet
https://notcve.org/view.php?id=CVE-2015-7704
21 Oct 2015 — The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. El cliente ntpd en NTP 4.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio empleando una serie de mensajes "KOD" manipulados. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use thi... • http://bugs.ntp.org/show_bug.cgi?id=2901 • CWE-20: Improper Input Validation •