CVE-2016-0642 – mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0642
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores permite a usuarios locales afectar a la integridad y disponibilidad a través de vectores relacionados con Federated. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http: •
CVE-2016-0651 – mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU April 2016)
https://notcve.org/view.php?id=CVE-2016-0651
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores permite a usuarios locales afectar a la disponibilidad a través de vectores relacionados con Optimizer. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http://rhn.redhat.com/errata/RHSA-2016-1480.html http://rhn.redhat.com •
CVE-2015-8842
https://notcve.org/view.php?id=CVE-2015-8842
tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file. tmpfiles.d/systemd.conf en systemd en versiones anteriores a 229 utiliza permisos débiles para /var/log/journal/%m/system.journal, lo que permite a usuarios locales obtener información sensible leyendo el archivo. • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00044.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00109.html http://www.openwall.com/lists/oss-security/2016/04/08/14 http://www.openwall.com/lists/oss-security/2016/04/08/15 https://bugzilla.suse.com/show_bug.cgi?id=972612 https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-9770
https://notcve.org/view.php?id=CVE-2014-9770
tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files. tmpfiles.d/systemd.conf en systemd en versiones anteriores a 214 utiliza permisos débiles para archivos journal bajo (1) /run/log/journal/%m y (2) /var/log/journal/%m, lo que permite a usuarios locales obtener información sensible leyendo estos archivos. • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00044.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00109.html http://www.openwall.com/lists/oss-security/2016/04/08/14 http://www.openwall.com/lists/oss-security/2016/04/08/15 https://bugzilla.suse.com/show_bug.cgi?id=972612 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-3427 – Oracle Java SE and JRockit Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2016-3427
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JMX. It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-05 • CWE-284: Improper Access Control •