Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2016-05-05	CVE-2016-3717	Information Exposure vulnerability in multiple products The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. local low complexity canonical redhat imagemagick CWE-200	5.5
2016-05-05	CVE-2016-3715	Improper Access Control vulnerability in multiple products The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. local low complexity redhat imagemagick canonical CWE-284	5.5
2016-05-05	CVE-2016-2107	Information Exposure vulnerability in multiple products The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. network high complexity redhat opensuse openssl google hp nodejs debian canonical CWE-200	5.9
2016-04-13	CVE-2016-3069	Improper Input Validation vulnerability in multiple products Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. network mercurial debian suse opensuse fedoraproject redhat CWE-20	6.8
2016-04-13	CVE-2016-3068	Improper Input Validation vulnerability in multiple products Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. network debian mercurial fedoraproject redhat suse opensuse CWE-20	6.8
2016-04-08	CVE-2015-5229	Code vulnerability in Redhat products The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors. network low complexity redhat CWE-17	5.0
2016-01-21	CVE-2016-0616	Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. network low complexity redhat canonical mariadb oracle opensuse debian	4.0
2016-01-21	CVE-2016-0597	Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. network low complexity redhat oracle opensuse canonical debian mariadb	4.0
2016-01-21	CVE-2016-0596	Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. network low complexity redhat oracle debian opensuse canonical mariadb	4.0
2016-01-21	CVE-2016-0505	Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options. network low complexity redhat oracle canonical debian opensuse mariadb	6.8