Search for packages
| purl | pkg:deb/ubuntu/mariadb-10.0@10.0.17-0ubuntu1 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-115q-hx34-aaae
Aliases: CVE-2016-5629 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. |
Affected by 60 other vulnerabilities. |
|
VCID-1192-s5bz-aaac
Aliases: CVE-2018-2562 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-139g-7kjz-aaap
Aliases: CVE-2018-2640 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-17ru-2rwj-aaag
Aliases: CVE-2015-4792 |
CVE-2015-4792 mysql: unspecified vulnerability related to Server:Partition (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-1eer-xk66-aaap
Aliases: CVE-2016-0505 |
CVE-2016-0505 mysql: unspecified vulnerability in subcomponent: Server: Options (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-1ejf-2dbv-aaah
Aliases: CVE-2018-3143 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-1hty-da2c-aaab
Aliases: CVE-2015-4910 |
CVE-2015-4910 mysql: unspecified vulnerability related to Server:Memcached (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-1mbs-2src-aaap
Aliases: CVE-2015-4761 |
CVE-2015-4761 mysql: unspecified vulnerability related to Server:Memcached (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-1nm6-deb8-aaaj
Aliases: CVE-2017-3651 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-1xd8-ezzx-aaaq
Aliases: CVE-2016-0655 |
CVE-2016-0655 mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-2ebg-zbky-aaab
Aliases: CVE-2018-2784 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-2kpa-q8qy-aaah
Aliases: CVE-2015-4819 |
CVE-2015-4819 mysql: unspecified vulnerability related to Client programs (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-2pwf-ewyj-aaas
Aliases: CVE-2015-4815 |
CVE-2015-4815 mysql: unspecified vulnerability related to Server:DDL (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-36jr-q6u9-aaaq
Aliases: CVE-2015-2639 |
CVE-2015-2639 mysql: unspecified vulnerability related to Server:Security:Firewall (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-37nt-vpbc-aaac
Aliases: CVE-2017-3600 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-3bgb-nm16-aaas
Aliases: CVE-2015-4772 |
CVE-2015-4772 mysql: unspecified vulnerability related to Server:Partition (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-3e38-h7wr-aaaf
Aliases: CVE-2016-3452 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption. |
Affected by 75 other vulnerabilities. |
|
VCID-3n74-bgyd-aaan
Aliases: CVE-2015-4862 |
CVE-2015-4862 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-3xn3-68dt-aaam
Aliases: CVE-2017-3464 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-4cz6-rnfp-aaaf
Aliases: CVE-2015-2617 |
CVE-2015-2617 mysql: unspecified vulnerability related to Server:Partition (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-4gzx-3qqj-aaag
Aliases: CVE-2016-0643 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML. |
Affected by 75 other vulnerabilities. |
|
VCID-4hma-18hb-aaap
Aliases: CVE-2017-3653 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-4kdy-frzu-aaaf
Aliases: CVE-2016-3459 |
CVE-2016-3459 mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU July 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-4m1s-g9g2-aaag
Aliases: CVE-2015-4836 |
CVE-2015-4836 mysql: unspecified vulnerability related to Server:SP (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-4mx4-bn7n-aaac
Aliases: CVE-2015-2611 |
CVE-2015-2611 mysql: unspecified vulnerability related to Server:DML (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-4r28-9jq1-aaam
Aliases: CVE-2018-2787 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-4t5p-ssrk-aaag
Aliases: CVE-2016-0610 |
CVE-2016-0610 mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU January 2016) |
Affected by 103 other vulnerabilities. |
|
VCID-5bcm-q17p-aaam
Aliases: CVE-2015-4752 |
CVE-2015-4752 mysql: unspecified vulnerability related to Server:I_S (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-5bmx-syqk-aaak
Aliases: CVE-2017-10384 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | There are no reported fixed by versions. |
|
VCID-5d3w-tppt-aaap
Aliases: CVE-2018-2819 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-5kvb-ge59-aaac
Aliases: CVE-2016-0648 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS. |
Affected by 75 other vulnerabilities. |
|
VCID-5kzw-z6wa-aaaq
Aliases: CVE-2016-0596 |
CVE-2016-0596 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-5nyu-kqa8-aaap
Aliases: CVE-2015-4766 |
CVE-2015-4766 mysql: unspecified vulnerability related to Server:Security:Firewall (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-5udz-k24z-aaad
Aliases: CVE-2018-2813 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-5up4-srpq-aaab
Aliases: CVE-2016-3492 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. |
Affected by 60 other vulnerabilities. |
|
VCID-6324-mp8e-aaaj
Aliases: CVE-2016-0642 |
CVE-2016-0642 mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU April 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-63z8-ft1d-aaam
Aliases: CVE-2015-4870 |
CVE-2015-4870 mysql: unspecified vulnerability related to Server:Parser (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-6hn5-gv32-aaas
Aliases: CVE-2016-7440 |
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. |
Affected by 60 other vulnerabilities. |
|
VCID-6v4x-ejj6-aaak
Aliases: CVE-2016-5626 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. |
Affected by 60 other vulnerabilities. |
|
VCID-6v69-gnjx-aaaf
Aliases: CVE-2018-2771 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-72t9-2jrh-aaah
Aliases: CVE-2017-3291 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-74vj-wwbj-aaap
Aliases: CVE-2018-2761 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-7jv3-eumj-aaab
Aliases: CVE-2016-5612 |
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. |
Affected by 68 other vulnerabilities. |
|
VCID-7ppa-1696-aaas
Aliases: CVE-2018-3156 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-7v7x-11k7-aaaa
Aliases: CVE-2017-3318 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-7xtp-5ds1-aaaj
Aliases: CVE-2015-4866 |
CVE-2015-4866 mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-88cp-mnzz-aaar
Aliases: CVE-2015-2641 |
CVE-2015-2641 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-88ez-43je-aaam
Aliases: CVE-2016-5444 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection. |
Affected by 75 other vulnerabilities. |
|
VCID-8k6k-nfq5-aaaj
Aliases: CVE-2018-2817 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-8zfx-xyk4-aaaa
Aliases: CVE-2016-0598 |
CVE-2016-0598 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-92xk-svnp-aaan
Aliases: CVE-2015-2582 |
CVE-2015-2582 mysql: unspecified vulnerability related to Server:GIS (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-99wy-e9hh-aaaf
Aliases: CVE-2015-4767 |
CVE-2015-4767 mysql: unspecified vulnerability related to Server:Security:Firewall (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-9jhu-6uu5-aaaf
Aliases: CVE-2016-0650 |
CVE-2016-0650 mysql: unspecified vulnerability in subcomponent: Server: Replication (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-9jmk-jqwv-aaad
Aliases: CVE-2017-3456 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-9vug-epvq-aaaj
Aliases: CVE-2018-2612 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-9y22-1k2k-aaaj
Aliases: CVE-2017-10379 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-ah4j-2w2h-aaaa
Aliases: CVE-2015-4800 |
CVE-2015-4800 mysql: unspecified vulnerability related to Server:Optimizer (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-b1bp-ufex-aaah
Aliases: CVE-2016-5624 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. |
Affected by 60 other vulnerabilities. |
|
VCID-b6m3-1z67-aaam
Aliases: CVE-2016-0606 |
CVE-2016-0606 mysql: unspecified vulnerability in subcomponent: Server: Security: Encryption (CPU January 2016) |
Affected by 102 other vulnerabilities. |
|
VCID-b9fk-nfy3-aaar
Aliases: CVE-2016-0616 |
CVE-2016-0616 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-bd9v-tw1d-aaah
Aliases: CVE-2018-3066 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-bj4k-d9c6-aaab
Aliases: CVE-2016-5630 |
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. |
Affected by 68 other vulnerabilities. |
|
VCID-bz39-dfvf-aaas
Aliases: CVE-2017-3317 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-bzx9-r4xf-aaad
Aliases: CVE-2016-0641 |
CVE-2016-0641 mysql: unspecified vulnerability in subcomponent: Server: MyISAM (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-c24k-43p9-aaac
Aliases: CVE-2016-0649 |
CVE-2016-0649 mysql: unspecified vulnerability in subcomponent: Server: PS (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-c2hr-mzvt-aaag
Aliases: CVE-2015-4816 |
CVE-2015-4816 mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-c42s-yeuw-aaab
Aliases: CVE-2015-2643 |
CVE-2015-2643 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-c57v-z86c-aaar
Aliases: CVE-2015-2648 |
CVE-2015-2648 mysql: unspecified vulnerability related to Server:DML (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-c5v7-728e-aaab
Aliases: CVE-2017-3238 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-cakp-6c4t-aaap
Aliases: CVE-2017-3265 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-cbc5-ydxr-aaaq
Aliases: CVE-2016-0668 |
CVE-2016-0668 mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-cd67-738n-aaab
Aliases: CVE-2016-5584 |
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption. |
Affected by 60 other vulnerabilities. |
|
VCID-cqk4-vjy3-aaan
Aliases: CVE-2016-5440 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR. |
Affected by 68 other vulnerabilities. |
|
VCID-cttf-pxck-aaam
Aliases: CVE-2015-3152 |
CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM) |
Affected by 103 other vulnerabilities. |
|
VCID-dq94-p3v8-aaah
Aliases: CVE-2015-4730 |
CVE-2015-4730 mysql: unspecified vulnerability related to Server:Types (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-dxaq-qnzc-aaar
Aliases: CVE-2015-4879 |
CVE-2015-4879 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-e1g3-x2a4-aaak
Aliases: CVE-2018-2668 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-ehmb-evzv-aaam
Aliases: CVE-2016-0651 |
CVE-2016-0651 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU April 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-evfy-k8kp-aaad
Aliases: CVE-2018-2767 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-f4ah-8mee-aaaf
Aliases: CVE-2015-4913 |
CVE-2015-4913 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-fg4p-hf8k-aaag
Aliases: CVE-2016-0608 |
CVE-2016-0608 mysql: unspecified vulnerability in subcomponent: Server: UDF (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-fhyr-8wrf-aaaq
Aliases: CVE-2016-3521 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types. |
Affected by 68 other vulnerabilities. |
|
VCID-g8rd-8yf4-aaam
Aliases: CVE-2018-3174 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-g9fk-hv1m-aaan
Aliases: CVE-2015-4895 |
CVE-2015-4895 mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-ge1s-u365-aaac
Aliases: CVE-2016-0644 |
CVE-2016-0644 mysql: unspecified vulnerability in subcomponent: Server: DDL (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-gqqx-zubw-aaap
Aliases: CVE-2016-0666 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. |
Affected by 75 other vulnerabilities. |
|
VCID-gxb6-55hs-aaae
Aliases: CVE-2018-3282 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-h5qr-yjht-aaas
Aliases: CVE-2019-2503 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-j3xt-jgfu-aaaq
Aliases: CVE-2015-4833 |
CVE-2015-4833 mysql: unspecified vulnerability related to Server:Partition (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-jat4-zxyp-aaah
Aliases: CVE-2016-0546 |
CVE-2016-0546 mysql: unspecified vulnerability in subcomponent: Client (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-jgdu-6wcg-aaaa
Aliases: CVE-2019-2537 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-juvh-e8p9-aaad
Aliases: CVE-2016-8283 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. |
Affected by 60 other vulnerabilities. |
|
VCID-k18m-23m7-aaaa
Aliases: CVE-2016-6662 |
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15. |
Affected by 68 other vulnerabilities. |
|
VCID-kdd2-tjef-aaak
Aliases: CVE-2015-4905 |
CVE-2015-4905 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-khnn-cgjf-aaap
Aliases: CVE-2015-2661 |
CVE-2015-2661 mysql: unspecified vulnerability related to Client (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-m1vg-yf3y-aaad
Aliases: CVE-2015-4757 |
CVE-2015-4757 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-mese-aqvd-aaak
Aliases: CVE-2016-3615 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML. |
Affected by 68 other vulnerabilities. |
|
VCID-mkgf-y43x-aaas
Aliases: CVE-2017-3309 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-mw7a-9n6d-aaap
Aliases: CVE-2016-6663 |
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table. |
Affected by 60 other vulnerabilities. |
|
VCID-n2xx-ut1u-aaam
Aliases: CVE-2016-3477 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser. |
Affected by 68 other vulnerabilities. |
|
VCID-n68w-9u3k-aaaj
Aliases: CVE-2017-3453 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-n6vg-vdhx-aaaa
Aliases: CVE-2015-4858 |
CVE-2015-4858 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-ne8u-rdyq-aaag
Aliases: CVE-2017-3312 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-nh85-vw9z-aaab
Aliases: CVE-2018-3058 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-njun-3xhu-aaah
Aliases: CVE-2018-2622 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-p1j4-k3cm-aaam
Aliases: CVE-2016-0609 |
CVE-2016-0609 mysql: unspecified vulnerability in subcomponent: Server: Security: Privileges (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-p2wc-vc5f-aaar
Aliases: CVE-2018-3133 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-p91s-wb8w-aaad
Aliases: CVE-2018-3064 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-ph29-mzzq-aaae
Aliases: CVE-2018-2755 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-pj5g-uj5e-aaad
Aliases: CVE-2018-2782 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-pm3m-dw31-aaaq
Aliases: CVE-2017-3641 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-pxwc-tuq1-aaas
Aliases: CVE-2017-3244 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-q78k-82bq-aaaf
Aliases: CVE-2017-3257 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-qp7n-z6ea-aaab
Aliases: CVE-2017-3302 |
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. |
Affected by 9 other vulnerabilities. |
|
VCID-qz97-tjsu-aaae
Aliases: CVE-2017-3258 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-r19u-y84k-aaaf
Aliases: CVE-2017-10286 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-r2b4-w5de-aaar
Aliases: CVE-2015-4737 |
CVE-2015-4737 mysql: unspecified vulnerability related to Server:Pluggable Auth (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-r3ka-ad35-aaaj
Aliases: CVE-2017-3243 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts). |
Affected by 49 other vulnerabilities. |
|
VCID-rwy8-7x2w-aaar
Aliases: CVE-2015-4864 |
CVE-2015-4864 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-rx3p-j9pr-aaak
Aliases: CVE-2015-4830 |
CVE-2015-4830 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-s1m7-jh46-aaar
Aliases: CVE-2018-2766 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-sxhk-6nqq-aaaf
Aliases: CVE-2017-3308 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-syvk-1ewz-aaan
Aliases: CVE-2015-4826 |
CVE-2015-4826 mysql: unspecified vulnerability related to Server:Types (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-tsch-3ccd-aaam
Aliases: CVE-2015-4756 |
CVE-2015-4756 mysql: unspecified vulnerability related to Server:InnoDB (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-ud1j-t8cd-aaac
Aliases: CVE-2016-0597 |
CVE-2016-0597 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-ugtn-39k3-aaas
Aliases: CVE-2019-2455 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-uzuq-4m1a-aaaj
Aliases: CVE-2015-7744 |
wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack. |
Affected by 103 other vulnerabilities. |
|
VCID-v5hm-kdzc-aaaf
Aliases: CVE-2018-3081 |
Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.0 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-vjk6-9r8q-aaac
Aliases: CVE-2016-2047 |
CVE-2016-2047 mysql: ssl-validate-cert incorrect hostname check |
Affected by 90 other vulnerabilities. |
|
VCID-vmp9-x7q1-aaah
Aliases: CVE-2016-3471 |
CVE-2016-3471 mysql: unspecified vulnerability in subcomponent: Server: Option (CPU July 2016) |
Affected by 149 other vulnerabilities. |
|
VCID-w2vy-gxvx-aaaq
Aliases: CVE-2018-2781 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-w6wt-zzf3-aaaa
Aliases: CVE-2017-10378 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-wkhp-pqxv-aaae
Aliases: CVE-2019-2529 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-wm3k-687m-aaar
Aliases: CVE-2018-3063 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-wm7g-13x4-aaap
Aliases: CVE-2016-0646 |
CVE-2016-0646 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-wnet-7ktr-aaap
Aliases: CVE-2015-4890 |
CVE-2015-4890 mysql: unspecified vulnerability related to Server:Replication (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-wteq-ve4a-aaam
Aliases: CVE-2015-4802 |
CVE-2015-4802 mysql: unspecified vulnerability related to Server:Partition (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-wway-y8yf-aaaq
Aliases: CVE-2018-3251 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 1 other vulnerability. |
|
VCID-www5-jeqf-aaak
Aliases: CVE-2016-0647 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS. |
Affected by 75 other vulnerabilities. |
|
VCID-x8db-y9mb-aaad
Aliases: CVE-2015-4861 |
CVE-2015-4861 mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-xcw8-2z32-aaas
Aliases: CVE-2017-10268 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-xwya-sp9a-aaad
Aliases: CVE-2015-4769 |
CVE-2015-4769 mysql: unspecified vulnerability related to Server:Security:Firewall (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-y32y-72qf-aaad
Aliases: CVE-2016-6664 |
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files. |
Affected by 49 other vulnerabilities. |
|
VCID-y7q6-dj42-aaac
Aliases: CVE-2015-2620 |
CVE-2015-2620 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-ydcs-34sm-aaam
Aliases: CVE-2018-2665 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-ywkb-3a9z-aaap
Aliases: CVE-2015-4771 |
CVE-2015-4771 mysql: unspecified vulnerability related to Server:RBR (CPU July 2015) |
Affected by 103 other vulnerabilities. |
|
VCID-z5p4-5dbc-aaad
Aliases: CVE-2016-0640 |
CVE-2016-0640 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU April 2016) |
Affected by 75 other vulnerabilities. |
|
VCID-z6nr-sw97-aaaa
Aliases: CVE-2017-3636 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L). |
Affected by 9 other vulnerabilities. |
|
VCID-z7ge-q7w1-aaaa
Aliases: CVE-2016-0600 |
CVE-2016-0600 mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU January 2016) |
Affected by 90 other vulnerabilities. |
|
VCID-zeaa-ppnm-aaah
Aliases: CVE-2015-4904 |
CVE-2015-4904 mysql: unspecified vulnerability related to libmysqld (CPU October 2015) |
Affected by 103 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|