Page 7 of 110 results (0.010 seconds)

CVSS: 9.3EPSS: 3%CPEs: 15EXPL: 0

CVE-2016-0636 – OpenJDK: missing type safety checks for MethodHandle calls across class loaders, incorrect CVE-2013-5838 fix (Hotspot, 8151666)

https://notcve.org/view.php?id=CVE-2016-0636

Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component. Vulnerabilidad no especificada en Oracle Java SE 7u97, 8u73 y 8u74 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con el subcomponente Hotspot. An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2016-04 • CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 9.8EPSS: 7%CPEs: 8EXPL: 0

CVE-2010-5325 – foomatic: potential remote arbitrary code execution

https://notcve.org/view.php?id=CVE-2010-5325

Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title. Desbordamiento de buffer basado en memoria dinámica en la función unhtmlify en foomatic-rip en foomatic-filters en versiones anteriores a 4.0.6 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída) o posiblemente ejecutar código arbitrario a través de un título de trabajo largo. It was discovered that the unhtmlify() function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code. • http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog http://rhn.redhat.com/errata/RHSA-2016-0491.html http://www.openwall.com/lists/oss-security/2016/02/15/1 http://www.openwall.com/lists/oss-security/2016/02/15/7 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html https://bugs.linuxfoundation.org/show_bug.cgi?id=515 https://bugzilla.redhat.com/show_bug.cgi?id=1218297 https://access.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 3.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2016-0600 – mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU January 2016)

https://notcve.org/view.php?id=CVE-2016-0600

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con InnoDB. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http:&# •

CVSS: 7.2EPSS: 0%CPEs: 24EXPL: 0

CVE-2016-0546 – mysql: unspecified vulnerability in subcomponent: Client (CPU January 2016)

https://notcve.org/view.php?id=CVE-2016-0546

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Client. NOTA: la información anterior proviene de la CPU de Enero de 2016. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http:&# • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 3.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2016-0598 – mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016)

https://notcve.org/view.php?id=CVE-2016-0598

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con DML. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http:&# •