mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML...

Design/Logic Flaw

The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 6.1 before 6.1.3.6, 6.3 before 6.3.1.3, 6.4 before 6.4.1.4, and 7.1 before 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager for Microsoft Exchange Server 2.1, 2.2, 3.1...

CVE-2015-4331

Cisco Prime Infrastructure PI 1.40.45 and earlier, when AAA authentication is used, allows remote authenticated users to bypass intended access restrictions via a username with a modified composition of lowercase and uppercase characters, aka Bug ID CSum59958...

CVE-2015-4534

Java Method Server JMS in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 allows remote authenticated users to execute arbitrary code by forging a signature for a query string that lacks the methodverb parameter...

Design/Logic Flaw

Java Method Server JMS in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when debugtrace is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing ...

CVE-2015-4319

The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server VCS Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338...

CVE-2015-4319

CVE-2015-4319 affects Cisco TelePresence Video Communication Server (VCS) Expressway; the Password Change function in the Administrative Web Interface fails to properly enforce authorization, enabling an authenticated, remote attacker to reset arbitrary active-user passwords via crafted packets. ...

mysql: unspecified vulnerability related to Server:Security:Privileges (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges...

mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer...

mysql: unspecified vulnerability related to Server:DML (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML...

mysql: unspecified vulnerability related to Server:Pluggable Auth (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth...

mysql: unspecified vulnerability related to Server:Security:Firewall (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769...

mysql: unspecified vulnerability related to Server:Compiling (CPU April 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling...

mysql: unspecified vulnerability related to Server:I_S (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : IS...

mysql: unspecified vulnerability related to Server:RBR (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR...

CVE-2015-4328

Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified...

DEBIAN-CVE-2015-5163

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

Cisco TelePresence Video Communication Server Expressway User Forgery Vulnerability

Cisco TelePresence Video Communication Server is a video conferencing solution that integrates h.323 and SIP. A security vulnerability exists in Cisco TelePresence Video Communication Server Expressway that allows remotely authenticated users to send special SIP messages to register for phone cal...

Cisco Edge 340 Series Digital Media Player File Viewing Vulnerability

The Cisco Edge 340 Series Digital Media Player is a digital media playback application device. A security vulnerability exists in the Cisco Edge 340 Series Digital Media Player that allows a remote, authenticated user to configure the export function using the WEB graphical user interface to view...

mysql: unspecified vulnerability related to Server:Security:Firewall (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767...