Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-01-15 | CVE-2020-2589 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability... | Ubuntu_linux, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 4.9 | ||
2020-01-15 | CVE-2020-2627 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:... | Ubuntu_linux, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 6.5 | ||
2020-01-15 | CVE-2020-2660 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9... | Ubuntu_linux, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 4.9 | ||
2020-01-15 | CVE-2020-2679 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS... | Ubuntu_linux, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 4.9 | ||
2020-01-15 | CVE-2020-2686 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS... | Ubuntu_linux, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 6.5 | ||
2020-01-15 | CVE-2020-2694 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.18 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector:... | Ubuntu_linux, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 3.1 | ||
2016-02-15 | CVE-2016-0746 | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap | 9.8 | ||
2016-02-15 | CVE-2016-0747 | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap | 5.3 | ||
2015-11-06 | CVE-2015-6855 | hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash. | Eos, Ubuntu_linux, Debian_linux, Fedora, Qemu, Linux_enterprise_desktop, Linux_enterprise_server | 7.5 | ||
2016-02-15 | CVE-2016-0742 | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap, Software_collections | 7.5 |