
2395 matches found

Tenable Nessus
added 2015/10/29 12:0 a.m. · 48 views

Oracle MySQL 5.6.x < 5.6.26 Multiple Vulnerabilities (October 2015 CPU)

The version of Oracle MySQL installed on the remote host is 5.6.x prior to 5.6.26. It is, therefore, affected by the following vulnerabilities:
- A certificate validation bypass vulnerability exists in the Security:Encryption subcomponent due to a flaw in the X509_verify_cert function in x509_vfy.c...

CVSS 7.2 · AI score 7.2 · EPSS 0.76307
Exploits 6 · References 11

Tenable Nessus
added 2015/10/29 12:0 a.m. · 98 views

Oracle MySQL 5.5.x < 5.5.45 Multiple Vulnerabilities (October 2015 CPU)

The version of Oracle MySQL installed on the remote host is 5.5.x prior to 5.5.45. It is, therefore, affected by the following vulnerabilities:
- An unspecified denial of service vulnerability exists in the InnoDB subcomponent which can be exploited by an authenticated, remote attacker...

CVSS 7.2 · AI score 7.1 · EPSS 0.04002
Exploits 0 · References 7

NVD
added 2015/10/21 9:59 p.m. · 16 views

CVE-2015-4819

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs...

CVSS 7.2 · AI score 5.2 · EPSS 0.00089
Exploits 0 · References 13

Prion
added 2015/10/21 9:59 p.m. · 29 views

Design/Logic Flaw

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs...

CVSS 7.2 · AI score 5.6 · EPSS 0.00089
Exploits 0 · References 13 · Affected Software 14

Cvelist
added 2015/10/21 9:0 p.m. · 25 views

CVE-2015-4819

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs...

AI score 5.3 · EPSS 0.00089
Exploits 0 · References 13

MariaDBUnix
added 2015/10/21 9:0 p.m. · 40 views

CVE-2015-4819

Disclaimer: This data contains information about vulnerable...

CVSS 7.2 · AI score 5.9 · EPSS 0.00089
Exploits 0

UbuntuCve
added 2015/10/21 12:0 a.m. · 24 views

CVE-2015-4819

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs...

CVSS 7.2 · AI score 6.8 · EPSS 0.00089
Exploits 0 · References 3

MSRC
added 2015/10/20 7:0 a.m. · 10 views

Microsoft Bounty Programs Expansion - .NET Core and ASP.NET Beta Bounty

Today, I have another exciting expansion of the Microsoft Bounty Programs to announce. Please visit https://aka.ms/bugbounty to find out more. I’ll be discussing this new bounty in my talk at SyScan360 on October 21, 2015. We are delighted to offer a bounty for the .NET Core and ASP.NET Beta whic...

AI score 6.9
Exploits 0

Hacker One
added 2015/10/07 6:58 a.m. · 34 views

HackerOne: HackerOne Private Programs users disclosure and de-anonymous-ize

Hi HackerOne Team, I have found a bug in HackerOne Platform allows any attacker to deanonymousize any security researcher using the platform and the most wild usage is to disclose some information about this security researcher if he is invited to a private program or not. Unfortunately HackerOne...

AI score 0.2
Exploits 0

Hacker One
added 2015/10/06 5:51 p.m. · 21 views

HackerOne: Content spoofing on invitations page

When you are an owner of a program on h1, you are allowed to invite external users to access any report through email. As you invite someone, this is how the body of invitation is being sent through email :- link to researcher's profile invited you to join the bug Title Of The Bug for Name of...

AI score 0.7
Exploits 0

Cisco
added 2015/10/06 12:0 a.m. · 26 views

Cisco TelePresence Video Communication Server (VCS) Expressway Privilege Escalation Vulnerability

A vulnerability in the process management code of the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, local attacker to run arbitrary programs with elevated privileges. The vulnerability is due to the failure to protect a supervised process. An attacker...

CVSS 6.6 · AI score 6.8 · EPSS 0.00093
Exploits 0 · References 1

OSV
added 2015/09/29 4:15 p.m. · 2 views

USN-2753-1 lxc vulnerability

Roman Fiedler discovered a directory traversal flaw in lxc-start. A local attacker with access to an LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container...

CVSS 7.2 · AI score 6.1 · EPSS 0.00111
Exploits 0 · References 2

NVD
added 2015/09/14 2:59 p.m. · 9 views

CVE-2015-5998

Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command...

CVSS 10 · AI score 7.5 · EPSS 0.0072
Exploits 0 · References 1

Prion
added 2015/09/14 2:59 p.m. · 15 views

Command injection

Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command...

CVSS 10 · AI score 8 · EPSS 0.0072
Exploits 0 · References 1 · Affected Software 1

OpenVAS
added 2015/09/08 12:0 a.m. · 24 views

Amazon Linux: Security Advisory (ALAS-2013-219)

The remote host is missing an update for the...

CVSS 5.1 · AI score 6.4 · EPSS 0.0062
Exploits 0 · References 2

RedHat Linux
added 2015/08/17 6:29 a.m. · 2 views

mysql: unspecified vulnerability related to Client programs (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs...

CVSS 7.2 · AI score 6.9 · EPSS 0.00089
Exploits 0 · References 5

Tenable Nessus
added 2015/08/17 12:0 a.m. · 34 views

RHEL 5 : mysql55-mysql (RHSA-2015:1628)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1628 advisory.
- mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU Jan 2015) (CVE-2014-6568)
- mysql: unspecified vulnerability related to...

CVSS 7.5 · AI score 7.5 · EPSS 0.11718
Exploits 0 · References 55

Fedora
added 2015/08/10 9:58 a.m. · 12 views

[SECURITY] Fedora 23 Update: community-mysql-5.6.26-1.fc23

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

AI score 2.7
Exploits 0

Positive Technologies
added 2015/08/06 12:0 a.m. · 7 views

PT-2015-2544 · Oracle +6 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions:
- Oracle MySQL Server versions 5.5.44 and earlier
- Oracle MySQL Server versions 5.6.25 and earlier

Description: The issue is related to errors in the code of the Client programs subcomponent in the MySQL database management system. Exploitation ...

CVSS 10 · AI score 7.3 · EPSS 0.89577
Exploits 111 · References 854

MSRC
added 2015/08/05 7:0 a.m. · 9 views

Microsoft Bounty Programs Expansion - Bounty for Defense, Authentication Bonus, and RemoteApp

I am very pleased to be releasing additional expansions of the Microsoft Bounty Programs. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit https://aka.ms/BugBounty. We are raising the Bounty for Defense maximum from $50,000 USD...

AI score 7
Exploits 0