| 2016-11-04 | CVE-2016-8576 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process. | 6.0 |
| 2016-10-25 | CVE-2016-5629 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. | 4.9 |
| 2016-10-25 | CVE-2016-5626 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. | 6.5 |
| 2016-10-25 | CVE-2016-5624 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. | 6.5 |
| 2016-10-25 | CVE-2016-5612 | Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. | 6.5 |
| 2016-10-25 | CVE-2016-3492 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | 6.5 |
| 2016-10-13 | CVE-2016-7796 | Improper Input Validation vulnerability in multiple products
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled. | 5.5 |
| 2016-10-07 | CVE-2016-1000007 | Cross-site Scripting vulnerability in Redhat Pagure 2.2.1
Pagure 2.2.1 XSS in raw file endpoint | 6.1 |
| 2016-10-03 | CVE-2016-7046 | Resource Management Errors vulnerability in Redhat Jboss Enterprise Application Platform 7.0
Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service (CPU and disk consumption) via a long URL. | 5.9 |
| 2016-10-03 | CVE-2016-5398 | Cross-site Scripting vulnerability in Redhat Jboss BPM Suite
Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes. | 5.4 |