15.10

DATE	CVE	VULNERABILITY TITLE	RISK
2015-11-09	CVE-2015-2695	Release of Invalid Pointer or Reference vulnerability in multiple products lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. network low complexity mit oracle canonical debian opensuse suse CWE-763	5.0
2015-11-06	CVE-2015-7697	Resource Management Errors vulnerability in multiple products Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive. network canonical debian unzip-project CWE-399	4.3
2015-11-06	CVE-2015-7696	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value. network canonical debian unzip-project CWE-119	6.8
2015-10-22	CVE-2015-4913	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858. network oracle opensuse redhat canonical debian fedoraproject mariadb	3.5
2015-10-21	CVE-2015-4895	Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. network oracle mariadb fedoraproject debian canonical	3.5
2015-10-21	CVE-2015-4879	Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML. network high complexity oracle debian canonical mariadb redhat fedoraproject	4.6
2015-10-21	CVE-2015-4870	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser. network low complexity oracle opensuse mariadb canonical debian redhat fedoraproject	4.0
2015-10-21	CVE-2015-4866	Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. network low complexity oracle mariadb canonical	4.0
2015-10-21	CVE-2015-4864	Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. network oracle canonical redhat mariadb	3.5
2015-10-21	CVE-2015-4861	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. network oracle opensuse redhat mariadb debian canonical fedoraproject	3.5