CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-4890 – mysql: unspecified vulnerability related to Server:Replication (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4890
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : Replication. • http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html http://www.securityfocus.com/bid/77231 http://www.securitytracker.com/id/1033894 http://www.ubuntu.com/usn/USN-2781-1 https://access.redhat.com/security/cve/CVE-2015-4890 https://bugzilla.redhat.com/show_bug.cgi?id=1274785 •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-4910 – mysql: unspecified vulnerability related to Server:Memcached (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4910
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : Memcached. • http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html http://www.securityfocus.com/bid/77234 http://www.securitytracker.com/id/1033894 http://www.ubuntu.com/usn/USN-2781-1 https://access.redhat.com/security/cve/CVE-2015-4910 https://bugzilla.redhat.com/show_bug.cgi?id=1274792 •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-4800 – mysql: unspecified vulnerability related to Server:Optimizer (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4800
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.26 y versiones anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con Server : Optimizer. • http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html http://www.securityfocus.com/bid/77216 http://www.securitytracker.com/id/1033894 http://www.ubuntu.com/usn/USN-2781-1 https://access.redhat.com/security/cve/CVE-2015-4800 https://bugzilla.redhat.com/show_bug.cgi?id=1274754 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-8177 – gluster-swift metadata constraints are not correctly enforced
https://notcve.org/view.php?id=CVE-2014-8177
The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage Server), allows remote authenticated users to bypass the max_meta_count constraint via multiple crafted requests which exceed the limit when combined. El paquete gluster-swift de Red Hat, tal como se utiliza en Red Hat Gluster Storage (anteriormente Red Hat Storage Server), permite a usuarios remotos autenticados eludir la restricción max_meta_count a través de múltiples peticiones manipuladas que exceden el límite cuando se combinan. A flaw was found in the metadata constraints in Red Hat Gluster Storage's OpenStack Object Storage (swiftonfile). By adding metadata in several separate calls, a malicious user could bypass the max_meta_count constraint, and store more metadata than allowed by the configuration. • http://rhn.redhat.com/errata/RHSA-2015-1845.html http://rhn.redhat.com/errata/RHSA-2015-1846.html http://www.openwall.com/lists/oss-security/2015/08/27/5 https://bugzilla.redhat.com/show_bug.cgi?id=1257525 https://access.redhat.com/security/cve/CVE-2014-8177 • CWE-284: Improper Access Control •
CVSS: 3.5EPSS: 0%CPEs: 30EXPL: 0CVE-2015-6815
https://notcve.org/view.php?id=CVE-2015-6815
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. La función process_tx_desc en el archivo hw/net/e1000.c en QEMU versiones anteriores a 2.4.0.1, no procesa apropiadamente los datos del descriptor de transmisión cuando se envía un paquete de red, lo que permite a atacantes causar una denegación de servicio (bucle infinito y bloqueo de invitado) por medio de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html http://www.openwall.com/lists/oss-security&#x • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •