CVE-2016-0607 – mysql: unspecified vulnerability in subcomponent: Server: Replication (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0607
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication. Vulnerabilidad no especificada en Oracle MySQL 5.6.27 y versiones anteriores y 5.7.9 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con replication. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securityfocus.com/bid/81238 http://www.securitytracker.com/id/1034708 http://www.ubuntu.com/usn/USN-2881-1 https://access.redhat.com/security/cve/CVE-2016-0607 https://bugzilla.redhat.com/show_bug.cgi •
CVE-2016-0610 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0610
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en Oracle MySQL 5.6.27 y versiones anteriores y MariaDB en versiones anteriores a 10.0.22 y 10.1.x en versiones anteriores a 10.1.9 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con InnoDB. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securityfocus.com/bid/81198 http://www.securitytracker.com/id/1034708 http://www.ubuntu.com/usn/USN-2881-1 https://access.redhat.com/errata/RHSA-2016:1132 https://mariadb.com/kb/en/mariadb/mariadb-1 •
CVE-2016-0595 – mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0595
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL 5.6.27 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con DML. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securityfocus.com/bid/81121 http://www.securitytracker.com/id/1034708 http://www.ubuntu.com/usn/USN-2881-1 https://access.redhat.com/security/cve/CVE-2016-0595 https://bugzilla.redhat.com/show_bug.cgi •
CVE-2016-0546 – mysql: unspecified vulnerability in subcomponent: Client (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0546
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Client. NOTA: la información anterior proviene de la CPU de Enero de 2016. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http: • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2016-0598 – mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016)
https://notcve.org/view.php?id=CVE-2016-0598
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con DML. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http: •