Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2015-11-02	CVE-2015-5291	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. network arm polarssl debian fedoraproject opensuse CWE-119	6.8
2015-10-26	CVE-2015-4625	Numeric Errors vulnerability in multiple products Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value. local low complexity fedoraproject opensuse polkit-project CWE-189	4.6
2015-10-21	CVE-2015-4879	Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML. network high complexity oracle debian canonical mariadb redhat fedoraproject	4.6
2015-10-21	CVE-2015-4870	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser. network low complexity oracle opensuse mariadb canonical debian redhat fedoraproject	4.0
2015-10-21	CVE-2015-4858	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913. network low complexity oracle opensuse mariadb canonical debian redhat fedoraproject	4.0
2015-10-21	CVE-2015-4830	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. network low complexity oracle mariadb canonical debian suse redhat opensuse fedoraproject	4.0
2015-10-21	CVE-2015-4826	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types. network low complexity oracle opensuse mariadb canonical debian redhat fedoraproject	4.0
2015-10-21	CVE-2015-4816	Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. network low complexity oracle mariadb canonical debian redhat fedoraproject	4.0
2015-10-21	CVE-2015-4815	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL. network low complexity oracle opensuse mariadb canonical debian redhat fedoraproject	4.0
2015-10-09	CVE-2015-5235	Improper Input Validation vulnerability in multiple products IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. network fedoraproject redhat opensuse CWE-20	4.3