Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-10-21 | CVE-2015-4826 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types. | 4.0 |
| 2015-10-21 | CVE-2015-4816 | Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. | 4.0 |
| 2015-10-21 | CVE-2015-4815 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL. | 4.0 |
| 2015-10-19 | CVE-2015-6937 | Null Pointer Deference Denial of Service vulnerability in Linux Kernel The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. | 4.9 |
| 2015-10-19 | CVE-2015-5707 | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | 4.6 |
| 2015-10-09 | CVE-2015-1337 | Improper Input Validation vulnerability in multiple products Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response. | 6.8 |
| 2015-09-14 | CVE-2014-9745 | Resource Management Errors vulnerability in multiple products The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. | 5.0 |
| 2015-09-08 | CVE-2015-5200 | Local Security vulnerability in libvdpau The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors. | 6.3 |
| 2015-09-01 | CVE-2015-6727 | Information Exposure vulnerability in multiple products The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text. | 5.0 |
| 2015-08-31 | CVE-2015-5706 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation. | 4.6 |