Vulnerabilities > Canonical > Ubuntu Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-21 | CVE-2016-0668 | Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB. | 4.1 |
| 2016-04-21 | CVE-2016-0665 | Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption. | 5.5 |
| 2016-04-21 | CVE-2016-0661 | Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options. | 4.7 |
| 2016-04-21 | CVE-2016-0642 | Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated. | 4.7 |
| 2016-04-20 | CVE-2015-7802 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file. | 5.5 |
| 2016-04-18 | CVE-2016-3941 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF." | 5.5 |
| 2016-04-18 | CVE-2016-1654 | Improper Input Validation vulnerability in multiple products The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors. | 6.5 |
| 2016-04-15 | CVE-2016-3961 | Improper Input Validation vulnerability in multiple products Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area. | 5.5 |
| 2016-04-14 | CVE-2015-5247 | Improper Access Control vulnerability in multiple products The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool. | 6.5 |
| 2016-04-14 | CVE-2011-4600 | Improper Access Control vulnerability in multiple products The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query. | 5.9 |