Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-05-02 CVE-2015-1350 Files or Directories Accessible to External Parties vulnerability in multiple products
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.
local
low complexity
linux redhat CWE-552
5.5
5.5
2016-04-21 CVE-2016-0695 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
network
high complexity
oracle redhat
5.9
5.9
2016-04-21 CVE-2016-0666 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
local
low complexity
redhat debian mariadb oracle opensuse ibm
5.5
5.5
2016-04-21 CVE-2016-0665 Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.
local
low complexity
redhat oracle canonical
5.5
5.5
2016-04-21 CVE-2016-0661 Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.
local
high complexity
oracle redhat canonical
4.7
4.7
2016-04-21 CVE-2016-0655 Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
local
high complexity
mariadb debian opensuse oracle redhat
4.7
4.7
2016-04-21 CVE-2016-0651 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
local
low complexity
oracle mariadb suse opensuse redhat
5.5
5.5
2016-04-21 CVE-2016-0650 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.
local
low complexity
oracle opensuse ibm redhat debian mariadb
5.5
5.5
2016-04-21 CVE-2016-0649 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.
local
low complexity
ibm redhat opensuse debian oracle mariadb
5.5
5.5
2016-04-21 CVE-2016-0648 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.
local
low complexity
debian opensuse oracle redhat ibm mariadb
5.5
5.5