CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5442
https://notcve.org/view.php?id=CVE-2016-5442
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption. Vulnerabilidad no especificada en Oracle MySQL 5.7.12 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Security: Encryption. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91974 http://www.securitytracker.com/id/1036362 http://www.ubuntu.com/usn/USN-3040-1 •
CVSS: 7.5EPSS: 8%CPEs: 61EXPL: 0CVE-2016-2105 – openssl: EVP_EncodeUpdate overflow
https://notcve.org/view.php?id=CVE-2016-2105
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data. Desbordamiento de entero en la función EVP_EncodeUpdate en crypto/evp/encode.c en OpenSSL en versiones anteriores a 1.0.1t y 1.0.2 en versiones anteriores a 1.0.2h permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica) a través de una gran cantidad de datos binarios. An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2016-05/ • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 31EXPL: 0CVE-2018-2817 – mysql: Server: DDL unspecified vulnerability (CPU Apr 2018)
https://notcve.org/view.php?id=CVE-2018-2817
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.securityfocus.com/bid/103818 http://www.securitytracker.com/id/1040698 https://access.redhat.com/errata/RHSA-2018:1254 https://access.redhat.com/errata/RHSA-2018:2439 https://access.redhat.com/errata/RHSA-2018:2729 https://access.redhat.com/errata/RHSA-2018:3655 https://access.redhat.com/errata/RHSA-2019:1258 https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html https://lists. •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0658
https://notcve.org/view.php?id=CVE-2016-0658
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.7.10 y versiones anteriores permite a usuarios locales afectar a la disponibilidad a través de vectores relacionados con Optimizer • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securitytracker.com/id/1035606 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0656
https://notcve.org/view.php?id=CVE-2016-0656
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654. Vulnerabilidad no especificada en Oracle MySQL 5.7.10 y versiones anteriores permite a usuarios locales afectar a la disponibilidad a través de vectores relacionados con InnoDB, una vulnerabilidad distinta a CVE-2016-0654. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securitytracker.com/id/1035606 •