CVSS: 5.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-3977
https://notcve.org/view.php?id=CVE-2016-3977
Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file. Desbordamiento de buffer basado en memoria dinámica en util/gif2rgb.c en gif2rgb en giflib 5.1.2 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través del índice del color de fondo en un archivo GIF. • http://bugs.fi/fuzzing/index.html http://lists.opensuse.org/opensuse-updates/2016-04/msg00079.html http://lists.opensuse.org/opensuse-updates/2016-04/msg00084.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00019.html http://www.securityfocus.com/bid/88103 https://bugzilla.redhat.com/show_bug.cgi?id=1325771 https://sourceforge.net/p/giflib/bugs/87 https://sourceforge.net/p/giflib/code/ci/ea8dbc5786862a3e16a5acfa3d24e2c2f608cd88 https://usn.ubuntu.com/4107-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2016-3190
https://notcve.org/view.php?id=CVE-2016-3190
The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length. La función fill_xrgb32_lerp_opaque_spans en cairo-image-compositor.c en cairo en versiones anteriores a 1.14.2 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites y caída de aplicación) a través de una longitud negativa de span. • http://lists.opensuse.org/opensuse-updates/2016-04/msg00029.html https://bugzilla.redhat.com/show_bug.cgi?id=1318977 https://cgit.freedesktop.org/cairo/patch/src/cairo-image-compositor.c?id=5c82d91a5e15d29b1489dcb413b24ee7fdf59934 https://mail.gnome.org/archives/gnome-announce-list/2015-March/msg00047.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.1EPSS: 0%CPEs: 18EXPL: 0CVE-2016-0668 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0668
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB. Vulnerabilidad no especificada en Oracle MySQL 5.6.28 y versiones anteriores y 5.7.10 y versiones anteriores y MariaDB 10.0.x en versiones anteriores a 10.0.24 y 10.1.x en versiones anteriores a 10.1.12 permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con InnoDB. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.debian.org/security/2016/dsa-3595 http://www.oracle.com/tech •
CVSS: 4.7EPSS: 0%CPEs: 42EXPL: 0CVE-2016-0642 – mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0642
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores permite a usuarios locales afectar a la integridad y disponibilidad a través de vectores relacionados con Federated. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http:&# •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 0CVE-2016-0651 – mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0651
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores permite a usuarios locales afectar a la disponibilidad a través de vectores relacionados con Optimizer. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http://rhn.redhat.com/errata/RHSA-2016-1480.html http://rhn.redhat.com&#x •