Search for packages
| purl | pkg:deb/ubuntu/mysql-5.5@5.5.20-0ubuntu3 |
| Next non-vulnerable version | 5.5.62-0ubuntu0.14.04.1 |
| Latest non-vulnerable version | 5.5.62-0ubuntu0.14.04.1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-115q-hx34-aaae
Aliases: CVE-2016-5629 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. |
Affected by 58 other vulnerabilities. |
|
VCID-1192-s5bz-aaac
Aliases: CVE-2018-2562 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H). |
Affected by 18 other vulnerabilities. |
|
VCID-139g-7kjz-aaap
Aliases: CVE-2018-2640 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 18 other vulnerabilities. |
|
VCID-17ru-2rwj-aaag
Aliases: CVE-2015-4792 |
CVE-2015-4792 mysql: unspecified vulnerability related to Server:Partition (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-1c8u-6jn9-aaah
Aliases: CVE-2014-6496 |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494. |
Affected by 137 other vulnerabilities. |
|
VCID-1eer-xk66-aaap
Aliases: CVE-2016-0505 |
CVE-2016-0505 mysql: unspecified vulnerability in subcomponent: Server: Options (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-1jb4-xj73-aaap
Aliases: CVE-2017-3652 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N). |
Affected by 27 other vulnerabilities. |
|
VCID-1nm6-deb8-aaaj
Aliases: CVE-2017-3651 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 27 other vulnerabilities. |
|
VCID-1qzq-d8bq-aaas
Aliases: CVE-2014-6530 |
CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-2kpa-q8qy-aaah
Aliases: CVE-2015-4819 |
CVE-2015-4819 mysql: unspecified vulnerability related to Client programs (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-2pwf-ewyj-aaas
Aliases: CVE-2015-4815 |
CVE-2015-4815 mysql: unspecified vulnerability related to Server:DDL (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-2t76-rmk7-aaag
Aliases: CVE-2015-0381 |
CVE-2015-0381 mysql: unspecified vulnerability related to Server:Replication (CPU Jan 2015) |
Affected by 131 other vulnerabilities. |
|
VCID-34gs-ux6v-aaar
Aliases: CVE-2014-6478 |
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL. |
Affected by 137 other vulnerabilities. |
|
VCID-37nt-vpbc-aaac
Aliases: CVE-2017-3600 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-3c9r-zfwf-aaad
Aliases: CVE-2014-6555 |
CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-3e38-h7wr-aaaf
Aliases: CVE-2016-3452 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption. |
Affected by 71 other vulnerabilities. |
|
VCID-3hr6-2ab9-aaas
Aliases: CVE-2014-2419 |
CVE-2014-2419 mysql: unspecified DoS related to Partition (CPU April 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-3kj5-47gk-aaae
Aliases: CVE-2015-0382 |
CVE-2015-0382 mysql: unspecified vulnerability related to Server:Replication (CPU Jan 2015) |
Affected by 131 other vulnerabilities. |
|
VCID-3xn3-68dt-aaam
Aliases: CVE-2017-3464 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 34 other vulnerabilities. |
|
VCID-4cz6-rnfp-aaaf
Aliases: CVE-2015-2617 |
CVE-2015-2617 mysql: unspecified vulnerability related to Server:Partition (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-4gzx-3qqj-aaag
Aliases: CVE-2016-0643 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML. |
Affected by 71 other vulnerabilities. |
|
VCID-4hma-18hb-aaap
Aliases: CVE-2017-3653 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 27 other vulnerabilities. |
|
VCID-4m1s-g9g2-aaag
Aliases: CVE-2015-4836 |
CVE-2015-4836 mysql: unspecified vulnerability related to Server:SP (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-4mx4-bn7n-aaac
Aliases: CVE-2015-2611 |
CVE-2015-2611 mysql: unspecified vulnerability related to Server:DML (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-4zst-99fa-aaaj
Aliases: CVE-2014-6520 |
CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-4zxz-4nxm-aaap
Aliases: CVE-2012-5615 |
CVE-2012-5615 mysql: Remote Preauth User Enumeration flaw |
Affected by 137 other vulnerabilities. |
|
VCID-5bcm-q17p-aaam
Aliases: CVE-2015-4752 |
CVE-2015-4752 mysql: unspecified vulnerability related to Server:I_S (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-5bmx-syqk-aaak
Aliases: CVE-2017-10384 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 23 other vulnerabilities. |
|
VCID-5cvc-vkzv-aaak
Aliases: CVE-2014-6469 |
CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-5d3w-tppt-aaap
Aliases: CVE-2018-2819 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-5dc7-sf3n-aaan
Aliases: CVE-2015-0505 |
CVE-2015-0505 mysql: unspecified vulnerability related to Server:DDL (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-5kvb-ge59-aaac
Aliases: CVE-2016-0648 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS. |
Affected by 71 other vulnerabilities. |
|
VCID-5kzw-z6wa-aaaq
Aliases: CVE-2016-0596 |
CVE-2016-0596 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-5npm-gvj2-aaag
Aliases: CVE-2014-4287 |
CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-5udz-k24z-aaad
Aliases: CVE-2018-2813 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). |
Affected by 9 other vulnerabilities. |
|
VCID-5up4-srpq-aaab
Aliases: CVE-2016-3492 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. |
Affected by 58 other vulnerabilities. |
|
VCID-6324-mp8e-aaaj
Aliases: CVE-2016-0642 |
CVE-2016-0642 mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU April 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-63z8-ft1d-aaam
Aliases: CVE-2015-4870 |
CVE-2015-4870 mysql: unspecified vulnerability related to Server:Parser (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-6hn5-gv32-aaas
Aliases: CVE-2016-7440 |
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. |
Affected by 56 other vulnerabilities. |
|
VCID-6jph-vy9n-aaae
Aliases: CVE-2014-6507 |
CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-6rck-rs9e-aaah
Aliases: CVE-2014-2431 |
CVE-2014-2431 mysql: unspecified DoS related to Options (CPU April 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-6v4x-ejj6-aaak
Aliases: CVE-2016-5626 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. |
Affected by 58 other vulnerabilities. |
|
VCID-6v69-gnjx-aaaf
Aliases: CVE-2018-2771 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-72t9-2jrh-aaah
Aliases: CVE-2017-3291 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-74vj-wwbj-aaap
Aliases: CVE-2018-2761 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-76ee-ydbh-aaan
Aliases: CVE-2014-6491 |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500. |
Affected by 137 other vulnerabilities. |
|
VCID-7jv3-eumj-aaab
Aliases: CVE-2016-5612 |
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. |
Affected by 58 other vulnerabilities. |
|
VCID-7tsg-wb86-aaag
Aliases: CVE-2014-2436 |
CVE-2014-2436 mysql: unspecified vulnerability related to RBR (CPU April 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-7ue9-taq9-aaad
Aliases: CVE-2015-0499 |
CVE-2015-0499 mysql: unspecified vulnerability related to Server:Federated (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-7v7x-11k7-aaaa
Aliases: CVE-2017-3318 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-86v3-cu3g-aaab
Aliases: CVE-2016-0503 |
CVE-2016-0503 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016) |
Affected by 97 other vulnerabilities. |
|
VCID-88ez-43je-aaam
Aliases: CVE-2016-5444 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection. |
Affected by 71 other vulnerabilities. |
|
VCID-8k6k-nfq5-aaaj
Aliases: CVE-2018-2817 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-8tg3-k38z-aaak
Aliases: CVE-2014-4243 |
CVE-2014-4243 mysql: unspecified vulnerability related to ENFED (CPU July 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-8zfx-xyk4-aaaa
Aliases: CVE-2016-0598 |
CVE-2016-0598 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-92xk-svnp-aaan
Aliases: CVE-2015-2582 |
CVE-2015-2582 mysql: unspecified vulnerability related to Server:GIS (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-9gv2-77jm-aaap
Aliases: CVE-2014-4207 |
CVE-2014-4207 mysql: unspecified vulnerability related to SROPTZR (CPU July 2014) |
Affected by 158 other vulnerabilities. |
|
VCID-9jhu-6uu5-aaaf
Aliases: CVE-2016-0650 |
CVE-2016-0650 mysql: unspecified vulnerability in subcomponent: Server: Replication (CPU April 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-9jmk-jqwv-aaad
Aliases: CVE-2017-3456 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-9y22-1k2k-aaaj
Aliases: CVE-2017-10379 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). |
Affected by 23 other vulnerabilities. |
|
VCID-acnj-weas-aaaf
Aliases: CVE-2018-2818 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-ahmd-81af-aaaf
Aliases: CVE-2015-0432 |
CVE-2015-0432 mysql: unspecified vulnerability related to Server:InnoDB:DDL:Foreign Key (CPU Jan 2015) |
Affected by 131 other vulnerabilities. |
|
VCID-b1bp-ufex-aaah
Aliases: CVE-2016-5624 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. |
Affected by 58 other vulnerabilities. |
|
VCID-b6m3-1z67-aaam
Aliases: CVE-2016-0606 |
CVE-2016-0606 mysql: unspecified vulnerability in subcomponent: Server: Security: Encryption (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-b9fk-nfy3-aaar
Aliases: CVE-2016-0616 |
CVE-2016-0616 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-bd9v-tw1d-aaah
Aliases: CVE-2018-3066 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N). |
Affected by 3 other vulnerabilities. |
|
VCID-bf6b-2f2t-aaak
Aliases: CVE-2017-3329 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-bknz-4n39-aaaf
Aliases: CVE-2014-0384 |
CVE-2014-0384 mysql: unspecified DoS related to XML (CPU April 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-bsg5-tme9-aaan
Aliases: CVE-2017-3648 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 27 other vulnerabilities. |
|
VCID-bx8v-2jyj-aaad
Aliases: CVE-2014-6551 |
CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-bz39-dfvf-aaas
Aliases: CVE-2017-3317 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-bzx9-r4xf-aaad
Aliases: CVE-2016-0641 |
CVE-2016-0641 mysql: unspecified vulnerability in subcomponent: Server: MyISAM (CPU April 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-c24k-43p9-aaac
Aliases: CVE-2016-0649 |
CVE-2016-0649 mysql: unspecified vulnerability in subcomponent: Server: PS (CPU April 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-c2hr-mzvt-aaag
Aliases: CVE-2015-4816 |
CVE-2015-4816 mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-c42s-yeuw-aaab
Aliases: CVE-2015-2643 |
CVE-2015-2643 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-c57v-z86c-aaar
Aliases: CVE-2015-2648 |
CVE-2015-2648 mysql: unspecified vulnerability related to Server:DML (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-c5v7-728e-aaab
Aliases: CVE-2017-3238 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-cakp-6c4t-aaap
Aliases: CVE-2017-3265 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-cd67-738n-aaab
Aliases: CVE-2016-5584 |
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption. |
Affected by 56 other vulnerabilities. |
|
VCID-cqk4-vjy3-aaan
Aliases: CVE-2016-5440 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR. |
Affected by 67 other vulnerabilities. |
|
VCID-db1p-apwd-aaaf
Aliases: CVE-2014-6495 |
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL. |
Affected by 137 other vulnerabilities. |
|
VCID-ddzd-h4un-aaas
Aliases: CVE-2014-4260 |
CVE-2014-4260 mysql: unspecified vulnerability related to SRCHAR (CPU July 2014) |
Affected by 158 other vulnerabilities. |
|
VCID-dn4f-x42j-aaag
Aliases: CVE-2017-3462 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-dxaq-qnzc-aaar
Aliases: CVE-2015-4879 |
CVE-2015-4879 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-e1g3-x2a4-aaak
Aliases: CVE-2018-2668 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 18 other vulnerabilities. |
|
VCID-ea36-7exx-aaad
Aliases: CVE-2015-0433 |
CVE-2015-0433 mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-ehmb-evzv-aaam
Aliases: CVE-2016-0651 |
CVE-2016-0651 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU April 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-ep2y-13e2-aaar
Aliases: CVE-2014-6484 |
CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-evfy-k8kp-aaad
Aliases: CVE-2018-2767 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N). |
Affected by 3 other vulnerabilities. |
|
VCID-f4ah-8mee-aaaf
Aliases: CVE-2015-4913 |
CVE-2015-4913 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-fg4p-hf8k-aaag
Aliases: CVE-2016-0608 |
CVE-2016-0608 mysql: unspecified vulnerability in subcomponent: Server: UDF (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-fhyr-8wrf-aaaq
Aliases: CVE-2016-3521 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types. |
Affected by 67 other vulnerabilities. |
|
VCID-g8rd-8yf4-aaam
Aliases: CVE-2018-3174 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H). |
Affected by 0 other vulnerabilities. |
|
VCID-ge1s-u365-aaac
Aliases: CVE-2016-0644 |
CVE-2016-0644 mysql: unspecified vulnerability in subcomponent: Server: DDL (CPU April 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-gfsy-sxyf-aaan
Aliases: CVE-2014-6463 |
CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-gqqx-zubw-aaap
Aliases: CVE-2016-0666 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. |
Affected by 71 other vulnerabilities. |
|
VCID-gxb6-55hs-aaae
Aliases: CVE-2018-3282 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 0 other vulnerabilities. |
|
VCID-h5ub-d8nw-aaah
Aliases: CVE-2014-0001 |
CVE-2014-0001 mysql: command-line tool buffer overflow via long server version string |
Affected by 162 other vulnerabilities. |
|
VCID-h8kd-swt2-aaah
Aliases: CVE-2017-3313 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-hen3-gsac-aaas
Aliases: CVE-2015-2573 |
CVE-2015-2573 mysql: unspecified vulnerability related to Server:DDL (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-hesz-2c5w-aaak
Aliases: CVE-2017-3635 |
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Supported versions that are affected are 6.1.10 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. Note: The documentation has also been updated for the correct way to use mysql_stmt_close(). Please see: https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-execute.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-fetch.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-close.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-error.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-errno.html, and https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-sqlstate.html. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 27 other vulnerabilities. |
|
VCID-hg2x-8nzb-aaac
Aliases: CVE-2014-6559 |
CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-jat4-zxyp-aaah
Aliases: CVE-2016-0546 |
CVE-2016-0546 mysql: unspecified vulnerability in subcomponent: Client (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-jbx9-wsax-aaah
Aliases: CVE-2014-2494 |
CVE-2014-2494 mysql: unspecified vulnerability related to ENARC (CPU July 2014) |
Affected by 158 other vulnerabilities. |
|
VCID-juvh-e8p9-aaad
Aliases: CVE-2016-8283 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. |
Affected by 58 other vulnerabilities. |
|
VCID-k18m-23m7-aaaa
Aliases: CVE-2016-6662 |
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15. |
Affected by 58 other vulnerabilities. |
|
VCID-k68e-xgfg-aaaa
Aliases: CVE-2014-6568 |
CVE-2014-6568 mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU Jan 2015) |
Affected by 131 other vulnerabilities. |
|
VCID-m1vg-yf3y-aaad
Aliases: CVE-2015-4757 |
CVE-2015-4757 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-mese-aqvd-aaak
Aliases: CVE-2016-3615 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML. |
Affected by 67 other vulnerabilities. |
|
VCID-mkgf-y43x-aaas
Aliases: CVE-2017-3309 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-mw7a-9n6d-aaap
Aliases: CVE-2016-6663 |
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table. |
Affected by 58 other vulnerabilities. |
|
VCID-n2xx-ut1u-aaam
Aliases: CVE-2016-3477 |
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser. |
Affected by 67 other vulnerabilities. |
|
VCID-n68w-9u3k-aaaj
Aliases: CVE-2017-3453 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-n6vg-vdhx-aaaa
Aliases: CVE-2015-4858 |
CVE-2015-4858 mysql: unspecified vulnerability related to Server:DML (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-n8nd-vq3c-aaaf
Aliases: CVE-2015-0411 |
CVE-2015-0411 mysql: unspecified vulnerability related to Server:Security:Encryption (CPU Jan 2015) |
Affected by 131 other vulnerabilities. |
|
VCID-n9ps-3h6f-aaag
Aliases: CVE-2014-6464 |
CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-ne8u-rdyq-aaag
Aliases: CVE-2017-3312 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-nh85-vw9z-aaab
Aliases: CVE-2018-3058 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). |
Affected by 3 other vulnerabilities. |
|
VCID-njun-3xhu-aaah
Aliases: CVE-2018-2622 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 18 other vulnerabilities. |
|
VCID-p1j4-k3cm-aaam
Aliases: CVE-2016-0609 |
CVE-2016-0609 mysql: unspecified vulnerability in subcomponent: Server: Security: Privileges (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-p2wc-vc5f-aaar
Aliases: CVE-2018-3133 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 0 other vulnerabilities. |
|
VCID-ph29-mzzq-aaae
Aliases: CVE-2018-2755 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-pku6-z7my-aaam
Aliases: CVE-2014-2440 |
CVE-2014-2440 mysql: unspecified vulnerability related to Client (CPU April 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-pm3m-dw31-aaaq
Aliases: CVE-2017-3641 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 27 other vulnerabilities. |
|
VCID-ppnu-bwt7-aaar
Aliases: CVE-2015-0501 |
CVE-2015-0501 mysql: unspecified vulnerability related to Server:Compiling (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-pq2r-amkr-aaag
Aliases: CVE-2014-4258 |
CVE-2014-4258 mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014) |
Affected by 158 other vulnerabilities. |
|
VCID-pxwc-tuq1-aaas
Aliases: CVE-2017-3244 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-qcuz-8s5j-aaah
Aliases: CVE-2015-0374 |
CVE-2015-0374 mysql: unspecified vulnerability related to Server:Security:Privileges:Foreign Key (CPU Jan 2015) |
Affected by 131 other vulnerabilities. |
|
VCID-qp7n-z6ea-aaab
Aliases: CVE-2017-3302 |
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. |
Affected by 34 other vulnerabilities. |
|
VCID-qz97-tjsu-aaae
Aliases: CVE-2017-3258 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-r2b4-w5de-aaar
Aliases: CVE-2015-4737 |
CVE-2015-4737 mysql: unspecified vulnerability related to Server:Pluggable Auth (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-r3ka-ad35-aaaj
Aliases: CVE-2017-3243 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts). |
Affected by 46 other vulnerabilities. |
|
VCID-rwy8-7x2w-aaar
Aliases: CVE-2015-4864 |
CVE-2015-4864 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-rx3p-j9pr-aaak
Aliases: CVE-2015-4830 |
CVE-2015-4830 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-se8m-95xg-aaaa
Aliases: CVE-2014-6505 |
CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014) |
Affected by 137 other vulnerabilities. |
|
VCID-sjmc-q4br-aaak
Aliases: CVE-2014-6494 |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. |
Affected by 137 other vulnerabilities. |
|
VCID-sq3j-v8sm-aaam
Aliases: CVE-2016-0502 |
CVE-2016-0502 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016) |
Affected by 97 other vulnerabilities. |
|
VCID-swmt-nghs-aaag
Aliases: CVE-2015-2568 |
CVE-2015-2568 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-sxhk-6nqq-aaaf
Aliases: CVE-2017-3308 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-syu2-d1sj-aaar
Aliases: CVE-2018-2773 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-syvk-1ewz-aaan
Aliases: CVE-2015-4826 |
CVE-2015-4826 mysql: unspecified vulnerability related to Server:Types (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-t6f5-97q5-aaab
Aliases: CVE-2014-6500 |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491. |
Affected by 137 other vulnerabilities. |
|
VCID-t8mp-tp6p-aaah
Aliases: CVE-2014-4274 |
CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20 |
Affected by 137 other vulnerabilities. |
|
VCID-tz1s-s1nk-aaam
Aliases: CVE-2015-0441 |
CVE-2015-0441 mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-u5n3-v4yy-aaac
Aliases: CVE-2014-2430 |
CVE-2014-2430 mysql: unspecified DoS related to Performance Schema (CPU April 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-ud1j-t8cd-aaac
Aliases: CVE-2016-0597 |
CVE-2016-0597 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-ukwh-1ass-aaac
Aliases: CVE-2014-2432 |
CVE-2014-2432 mysql: unspecified DoS related to Federated (CPU April 2014) |
Affected by 162 other vulnerabilities. |
|
VCID-uzuq-4m1a-aaaj
Aliases: CVE-2015-7744 |
wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack. |
Affected by 97 other vulnerabilities. |
|
VCID-v5hm-kdzc-aaaf
Aliases: CVE-2018-3081 |
Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.0 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H). |
Affected by 3 other vulnerabilities. |
|
VCID-v9r8-zcv5-aaap
Aliases: CVE-2017-3461 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-vjk6-9r8q-aaac
Aliases: CVE-2016-2047 |
CVE-2016-2047 mysql: ssl-validate-cert incorrect hostname check |
Affected by 71 other vulnerabilities. |
|
VCID-vkq7-dr63-aaap
Aliases: CVE-2015-0391 |
CVE-2015-0391 mysql: unspecified vulnerability related to Server:DDL (CPU Jan 2015) |
Affected by 137 other vulnerabilities. |
|
VCID-vmp9-x7q1-aaah
Aliases: CVE-2016-3471 |
CVE-2016-3471 mysql: unspecified vulnerability in subcomponent: Server: Option (CPU July 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-vpy3-qe17-aaak
Aliases: CVE-2013-NNN1 on Ubuntu 14.04 LTS (trusty) - low. |
The mysql-5.5 package misses the patches applied previous in Debian's mysql-5.1 to drop the database "test" and the permissions that allow anonymous access, without a password, from localhost to the "test" database and any databases starting with "test_". This update reintroduces these patches for the mysql-5.5 package. |
Affected by 172 other vulnerabilities. |
|
VCID-w2vy-gxvx-aaaq
Aliases: CVE-2018-2781 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 9 other vulnerabilities. |
|
VCID-w6k1-vzg4-aaap
Aliases: CVE-2017-3305 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client, aka, "The Riddle". |
Affected by 34 other vulnerabilities. |
|
VCID-w6wt-zzf3-aaaa
Aliases: CVE-2017-10378 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 23 other vulnerabilities. |
|
VCID-wfnn-ettw-aaaa
Aliases: CVE-2018-3070 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 3 other vulnerabilities. |
|
VCID-wm3k-687m-aaar
Aliases: CVE-2018-3063 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 3 other vulnerabilities. |
|
VCID-wm7g-13x4-aaap
Aliases: CVE-2016-0646 |
CVE-2016-0646 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU April 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-wteq-ve4a-aaam
Aliases: CVE-2015-4802 |
CVE-2015-4802 mysql: unspecified vulnerability related to Server:Partition (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-www5-jeqf-aaak
Aliases: CVE-2016-0647 |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS. |
Affected by 71 other vulnerabilities. |
|
VCID-x8db-y9mb-aaad
Aliases: CVE-2015-4861 |
CVE-2015-4861 mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015) |
Affected by 97 other vulnerabilities. |
|
VCID-xcw8-2z32-aaas
Aliases: CVE-2017-10268 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N). |
Affected by 23 other vulnerabilities. |
|
VCID-y2b5-xbgp-aaag
Aliases: CVE-2015-2571 |
CVE-2015-2571 mysql: unspecified vulnerability related to Server:Optimizer (CPU April 2015) |
Affected by 123 other vulnerabilities. |
|
VCID-y32y-72qf-aaad
Aliases: CVE-2016-6664 |
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files. |
Affected by 58 other vulnerabilities. |
|
VCID-y7q6-dj42-aaac
Aliases: CVE-2015-2620 |
CVE-2015-2620 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU July 2015) |
Affected by 114 other vulnerabilities. |
|
VCID-ydcs-34sm-aaam
Aliases: CVE-2018-2665 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
Affected by 18 other vulnerabilities. |
|
VCID-z2g7-vghy-aaaq
Aliases: CVE-2017-3463 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Affected by 34 other vulnerabilities. |
|
VCID-z5p4-5dbc-aaad
Aliases: CVE-2016-0640 |
CVE-2016-0640 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU April 2016) |
Affected by 71 other vulnerabilities. |
|
VCID-z6nr-sw97-aaaa
Aliases: CVE-2017-3636 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L). |
Affected by 27 other vulnerabilities. |
|
VCID-z7ge-q7w1-aaaa
Aliases: CVE-2016-0600 |
CVE-2016-0600 mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU January 2016) |
Affected by 86 other vulnerabilities. |
|
VCID-znyz-srzm-aaap
Aliases: CVE-2014-2438 |
CVE-2014-2438 mysql: unspecified DoS related to Replication (CPU April 2014) |
Affected by 162 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|