Errata ALT-PU-2019-2206-1: Information
Fixes
Published: Feb. 6, 2014
BDU:2014-00066
Уязвимость системы управления базами данных MySQL, позволяющая злоумышленнику вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 15, 2014
BDU:2014-00068
Уязвимость системы управления базами данных MySQL, позволяющая злоумышленнику вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 15, 2014
BDU:2014-00083
Уязвимость системы управления базами данных MySQL, позволяющая злоумышленнику нарушить безопасность информации
Severity: MEDIUM (6.5)
Links:
Published: April 15, 2014
BDU:2014-00103
Уязвимость системы управления базами данных MySQL, позволяющая злоумышленнику вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Jan. 15, 2014
BDU:2014-00105
Уязвимость системы управления базами данных MySQL, позволяющая злоумышленнику вызвать отказ в обслуживании
Severity: LOW (3.5)
Links:
Published: April 15, 2014
BDU:2014-00342
Уязвимость системы управления базами данных MySQL, позволяющая удаленным пользователям, прошедшим аутентификацию, оказать воздействие на доступность данных
Severity: LOW (3.5)
Links:
Published: Jan. 15, 2014
BDU:2014-00344
Уязвимость системы управления базами данных MySQL, позволяющая удаленным пользователям, прошедшим аутентификацию, оказать воздействие на доступность данных
Severity: MEDIUM (4.3)
Links:
Published: Jan. 15, 2014
BDU:2014-00349
Уязвимость системы управления базами данных MySQL, позволяющая удаленным пользователям, прошедшим аутентификацию, оказать воздействие на доступность данных
Severity: LOW (2.8)
Links:
Published: April 15, 2014
BDU:2014-00358
Уязвимость системы управления базами данных MySQL, позволяющая удаленным пользователям, прошедшим аутентификацию, оказать воздействие на доступность данных
Severity: MEDIUM (4.0)
Links:
Published: April 15, 2014
BDU:2014-00359
Уязвимость системы управления базами данных MySQL, позволяющая удаленным пользователям, прошедшим аутентификацию, оказать воздействие на доступность данных
Severity: LOW (3.5)
Links:
Published: Jan. 15, 2014
BDU:2015-00594
Уязвимость программного обеспечения MariaDB Server, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (4.0)
Links:
Published: Jan. 15, 2014
BDU:2015-00595
Уязвимость программного обеспечения MariaDB Server, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (6.8)
Links:
Published: Jan. 15, 2014
BDU:2015-00596
Уязвимость программного обеспечения MariaDB Server, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (4.0)
Links:
Published: Jan. 15, 2014
BDU:2015-00597
Уязвимость программного обеспечения MariaDB Server, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (6.8)
Links:
Published: Jan. 15, 2014
BDU:2015-00614
Уязвимость системы управления базами данных MySQL, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (6.8)
Links:
Published: Jan. 15, 2014
BDU:2015-00615
Уязвимость системы управления базами данных MySQL, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (6.8)
Links:
Published: Jan. 15, 2014
BDU:2015-00616
Уязвимость системы управления базами данных MySQL, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (4.0)
Links:
Published: Jan. 15, 2014
BDU:2015-00617
Уязвимость системы управления базами данных MySQL, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09983
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09984
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09985
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09987
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09989
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09990
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09992
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
BDU:2015-09995
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: LOW (3.5)
Links:
Published: April 16, 2015
BDU:2015-09996
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: LOW (3.5)
Links:
Published: April 16, 2015
BDU:2015-09997
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: LOW (3.5)
Links:
Published: April 16, 2015
BDU:2015-09998
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: LOW (2.8)
Links:
Published: April 16, 2015
BDU:2015-09999
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: LOW (2.8)
Links:
Published: April 16, 2015
BDU:2015-10000
Уязвимость системы управления базами данных MySQL, позволяющая удаленному нарушителю вызвать отказ в обслуживании
Severity: LOW (1.7)
Links:
Published: July 14, 2015
BDU:2015-11051
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю нарушить доступность защищаемой информации
Severity: MEDIUM (4.0)
Links:
Published: July 14, 2015
BDU:2015-11053
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю нарушить доступность защищаемой информации
Severity: LOW (3.5)
Links:
Published: July 14, 2015
BDU:2015-11055
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю нарушить доступность данных
Severity: LOW (1.7)
Links:
Published: July 14, 2015
BDU:2015-11056
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю нарушить доступность данных
Severity: LOW (3.5)
Links:
Published: July 14, 2015
BDU:2015-11057
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю нарушить доступность данных
Severity: LOW (3.5)
Links:
Published: July 14, 2015
BDU:2015-11058
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю нарушить доступность данных
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
BDU:2015-11834
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (2.1)
Links:
Published: Oct. 22, 2015
BDU:2015-11839
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
BDU:2015-11840
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
BDU:2015-11852
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (3.5)
Links:
Published: Oct. 22, 2015
BDU:2015-11876
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
BDU:2015-11901
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
BDU:2015-11924
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
BDU:2015-11931
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (3.5)
Links:
Published: Oct. 22, 2015
BDU:2015-11932
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (1.9)
Links:
Published: Oct. 22, 2015
BDU:2015-11935
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: July 16, 2015
BDU:2015-12166
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю нарушить безопасность информации
Severity: MEDIUM (6.5)
Links:
Published: Jan. 19, 2016
BDU:2016-00164
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Jan. 19, 2016
BDU:2016-00165
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.8)
Links:
Published: Jan. 19, 2016
BDU:2016-00169
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Jan. 19, 2016
BDU:2016-00170
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Jan. 19, 2016
BDU:2016-00179
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (2.8)
Links:
Published: Jan. 19, 2016
BDU:2016-00182
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (3.5)
Links:
Published: Jan. 19, 2016
BDU:2016-00183
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 21, 2016
BDU:2016-01100
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на доступность информации
Severity: LOW (3.5)
Links:
Published: April 21, 2016
BDU:2016-01101
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на доступность информации
Severity: LOW (3.5)
Links:
Published: April 21, 2016
BDU:2016-01103
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на доступность информации
Severity: LOW (3.5)
Links:
Published: April 21, 2016
BDU:2016-01104
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на доступность информации
Severity: LOW (3.5)
Links:
Published: April 21, 2016
BDU:2016-01105
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на конфиденциальность информации
Severity: LOW (3.5)
Links:
Published: April 21, 2016
BDU:2016-01106
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на доступность информации
Severity: LOW (3.5)
Links:
Published: April 21, 2016
BDU:2016-01108
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на доступность информации
Severity: LOW (3.5)
Links:
Published: April 21, 2016
BDU:2016-01109
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю повлиять на доступность информации
Severity: LOW (3.5)
Links:
Published: Jan. 28, 2017
BDU:2017-00234
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: Jan. 28, 2017
BDU:2017-00237
Уязвимость системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 24, 2017
BDU:2017-01116
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю модифицировать данные
Severity: LOW (3.5)
Links:
Published: April 24, 2017
BDU:2017-01117
Уязвимость системы управления базами данных Oracle MySQL , позволяющая нарушителю получить доступ на чтение данных
Severity: MEDIUM (4.3)
Links:
Published: April 24, 2017
BDU:2017-01118
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю модифицировать данные
Severity: MEDIUM (4.0)
Links:
Published: April 24, 2017
BDU:2017-01123
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю получить привилегированный доступ и вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 24, 2017
BDU:2017-01124
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю получить привилегированный доступ и вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 24, 2017
BDU:2017-01125
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю получить привилегированный доступ и вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 24, 2017
BDU:2017-01126
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю получить привилегированный доступ и вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: April 24, 2017
BDU:2017-01128
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю получить доступ на чтение данных или модифицировать данные
Severity: MEDIUM (5.5)
Links:
Published: April 24, 2017
BDU:2017-01129
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю получить привилегированный доступ при модифицировании данных или вызвать отказ в обслуживании
Severity: MEDIUM (5.5)
Links:
Published: April 24, 2017
BDU:2017-01131
Уязвимость системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Links:
Published: May 23, 2017
BDU:2017-01815
Уязвимость функции crc32_big библиотеки zlib, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: May 23, 2017
BDU:2017-01816
Уязвимость компонента Inffast библиотеки zlib, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.5)
Links:
Published: Sept. 22, 2016
BDU:2017-02382
Уязвимость компонента inftrees библиотеки zlib, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: MEDIUM (6.8)
Links:
Published: Sept. 22, 2016
BDU:2017-02383
Уязвимость функции inflateMark библиотеки zlib, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Jan. 16, 2018
BDU:2018-00342
Уязвимость компонента Server:Partition системы управления базами данных MySQL, позволяющая нарушителю получить привилегии для изменения, добавления или удаления данных или вызвать отказ в обслуживании
Severity: HIGH (7.1) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Links:
Published: Oct. 16, 2018
BDU:2019-00469
Уязвимость компонента Server: Parser системы управления базами данных MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 16, 2018
BDU:2019-00619
Уязвимость компонента Client programs системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
Links:
Published: Oct. 16, 2018
BDU:2019-00662
Уязвимость компонента Server: Storage Engines системы управления базами данных MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9) Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 17, 2018
BDU:2019-01627
Уязвимость в компоненте Server: Options системы управления базами данных Oracle MySQL, позволяющая нарушителю получить несанкционированный доступ к функционалу и данным сервера
Severity: LOW (3.3) Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
Links:
Published: April 18, 2018
BDU:2019-03456
Уязвимость компонента Server: DDL системы управления базами данных MySQL Server, позволяющая нарушителю получить доступ на чтение данных
Severity: MEDIUM (4.3) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: April 18, 2018
BDU:2019-03457
Уязвимость компонента Server: DDL системы управления базами данных MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 18, 2018
BDU:2019-03458
Уязвимость компонента InnoDB системы управления базами данных MySQL Server , позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 17, 2018
BDU:2019-03538
Уязвимость компонента Server: Replication системы управления базами данных Oracle MySQL Server, позволяющая нарушителю получить несанкционированный доступ к устройству
Severity: HIGH (7.7) Vector: AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Links:
Published: April 17, 2018
BDU:2019-03540
Уязвимость компонента Client programs системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.9) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 17, 2018
BDU:2019-03542
Уязвимость компонента Server: Locking системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.4) Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 17, 2018
BDU:2019-03544
Уязвимость компонента Server: Optimizer системы управления базами данных Oracle MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9) Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 17, 2018
BDU:2019-04692
Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 17, 2018
BDU:2019-04693
Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 17, 2018
BDU:2019-04694
Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 17, 2018
BDU:2019-04695
Уязвимость компонента Server:DDL системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
BDU:2020-00675
Уязвимость компонента Server:Replication системы управления базами данных Oracle MySQL, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным
Severity: MEDIUM (4.1) Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Oct. 19, 2017
BDU:2020-00677
Уязвимость компонента Server:Optimizer системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
BDU:2020-00678
Уязвимость компонента Client programs системы управления базами данных Oracle MySQL, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Oct. 19, 2017
BDU:2020-00679
Уязвимость компонента Server:DDL системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 18, 2018
BDU:2020-00681
Уязвимость компонента Server:Security:Encryption системы управления базами данных Oracle MySQL, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным
Severity: LOW (3.1) Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: April 18, 2018
BDU:2020-00682
Уязвимость компонента MyISAM системы управления базами данных Oracle MySQL, позволяющая нарушителю оказать воздействие на целостность данных
Severity: MEDIUM (4.3) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
Published: April 18, 2018
BDU:2020-00683
Уязвимость компонента Server:Security:Privileges системы управления базами данных Oracle MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9) Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 17, 2013
Modified: Feb. 21, 2014
Modified: Feb. 21, 2014
CVE-2013-1566
Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Severity: LOW (3.5)
Links:
Published: April 17, 2013
Modified: Feb. 21, 2014
Modified: Feb. 21, 2014
CVE-2013-1567
Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
Severity: LOW (3.5)
Links:
Published: April 17, 2013
Modified: Feb. 21, 2014
Modified: Feb. 21, 2014
CVE-2013-1570
Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
Severity: MEDIUM (5.0)
Links:
Published: April 17, 2013
Modified: Feb. 21, 2014
Modified: Feb. 21, 2014
CVE-2013-2381
Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
Severity: LOW (3.5)
Links:
Published: April 17, 2013
Modified: Feb. 21, 2014
Modified: Feb. 21, 2014
CVE-2013-2395
Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
Severity: MEDIUM (6.8)
Links:
Published: July 17, 2013
Modified: Oct. 11, 2013
Modified: Oct. 11, 2013
CVE-2013-3795
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
Severity: MEDIUM (4.0)
Links:
Published: July 17, 2013
Modified: Oct. 11, 2013
Modified: Oct. 11, 2013
CVE-2013-3796
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Severity: MEDIUM (4.0)
Links:
Published: July 17, 2013
Modified: Oct. 11, 2013
Modified: Oct. 11, 2013
CVE-2013-3798
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
Severity: MEDIUM (5.8)
Links:
Published: July 17, 2013
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-3806
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
Severity: MEDIUM (4.0)
Links:
Published: July 17, 2013
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-3807
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
Severity: MEDIUM (4.0)
Links:
Published: July 17, 2013
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-3810
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
Severity: LOW (3.5)
Links:
Published: July 17, 2013
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-3811
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
Severity: LOW (3.5)
Links:
Published: Oct. 16, 2013
Modified: Jan. 7, 2017
Modified: Jan. 7, 2017
CVE-2013-5767
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 16, 2013
Modified: Jan. 7, 2017
Modified: Jan. 7, 2017
CVE-2013-5770
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
Severity: LOW (2.1)
Links:
Published: Oct. 16, 2013
Modified: Jan. 7, 2017
Modified: Jan. 7, 2017
CVE-2013-5786
Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5793.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 16, 2013
Modified: Jan. 7, 2017
Modified: Jan. 7, 2017
CVE-2013-5793
Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5786.
Severity: LOW (3.5)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-5860
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
Severity: MEDIUM (6.8)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-5881
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2014-0431.
Severity: MEDIUM (4.0)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-5882
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.
Severity: MEDIUM (6.8)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2013-5894
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Severity: MEDIUM (4.0)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2014-0427
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.
Severity: LOW (3.5)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2014-0430
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.
Severity: LOW (2.8)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2014-0431
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5881.
Severity: LOW (3.5)
Links:
Published: Jan. 15, 2014
Modified: Aug. 29, 2017
Modified: Aug. 29, 2017
CVE-2014-0433
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.
Severity: MEDIUM (4.3)
Links:
Published: April 16, 2014
Modified: Jan. 7, 2017
Modified: Jan. 7, 2017
CVE-2014-2434
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2014
Modified: Jan. 7, 2017
Modified: Jan. 7, 2017
CVE-2014-2435
Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2014
Modified: April 16, 2014
Modified: April 16, 2014
CVE-2014-2442
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2014
Modified: April 16, 2014
Modified: April 16, 2014
CVE-2014-2444
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to InnoDB.
Severity: MEDIUM (6.5)
Links:
Published: April 16, 2014
Modified: April 16, 2014
Modified: April 16, 2014
CVE-2014-2450
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2014
Modified: April 16, 2014
Modified: April 16, 2014
CVE-2014-2451
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges.
Severity: LOW (3.5)
Links:
Published: July 17, 2014
Modified: Oct. 9, 2018
Modified: Oct. 9, 2018
CVE-2014-2484
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.
Severity: MEDIUM (6.5)
Links:
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- SUSE-SU-2014:1072
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 1030578
- 60425
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
Published: July 17, 2014
Modified: Oct. 9, 2018
Modified: Oct. 9, 2018
CVE-2014-4214
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.
Severity: LOW (3.3)
Links:
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- 68607
- SUSE-SU-2014:1072
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 1030578
- 60425
- oracle-cpujul2014-cve20144214(94627)
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
Published: July 17, 2014
Modified: Oct. 9, 2018
Modified: Oct. 9, 2018
CVE-2014-4233
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.
Severity: MEDIUM (4.0)
Links:
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- 68598
- SUSE-SU-2014:1072
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 1030578
- 60425
- oracle-cpujul2014-cve20144233(94625)
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
Published: July 17, 2014
Modified: Oct. 9, 2018
Modified: Oct. 9, 2018
CVE-2014-4238
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.
Severity: MEDIUM (4.0)
Links:
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- 68587
- SUSE-SU-2014:1072
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 1030578
- 60425
- oracle-cpujul2014-cve20144238(94623)
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
Published: July 17, 2014
Modified: Oct. 9, 2018
Modified: Oct. 9, 2018
CVE-2014-4240
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.
Severity: LOW (3.6)
Links:
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- 68602
- SUSE-SU-2014:1072
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 1030578
- 60425
- oracle-cpujul2014-cve20144240(94626)
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
Published: Jan. 21, 2015
Modified: Sept. 8, 2017
Modified: Sept. 8, 2017
CVE-2015-0385
Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.
Severity: LOW (3.5)
Links:
Published: April 16, 2015
Modified: Sept. 12, 2023
Modified: Sept. 12, 2023
CVE-2015-0405
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.
Severity: MEDIUM (4.0)
Links:
Published: Jan. 21, 2015
Modified: Sept. 8, 2017
Modified: Sept. 8, 2017
CVE-2015-0409
Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
Modified: Sept. 12, 2023
Modified: Sept. 12, 2023
CVE-2015-0423
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
Modified: Sept. 12, 2023
Modified: Sept. 12, 2023
CVE-2015-0438
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0439
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0498
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
Severity: LOW (1.7)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0500
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0503
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0506
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2015-0508.
Severity: LOW (3.5)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0507
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
Severity: LOW (3.5)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0508
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0506.
Severity: MEDIUM (4.0)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-0511
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
Severity: LOW (2.8)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-2566
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Severity: LOW (2.8)
Links:
Published: April 16, 2015
Modified: Jan. 3, 2017
Modified: Jan. 3, 2017
CVE-2015-2567
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
Severity: LOW (3.5)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-2617
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.
Severity: MEDIUM (6.5)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-2639
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.
Severity: LOW (3.5)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-2641
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
Severity: LOW (3.5)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-2661
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.
Severity: LOW (2.1)
Links:
Published: May 16, 2016
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2015-3152
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Links:
- http://www.ocert.org/advisories/ocert-2015-003.html
- https://jira.mariadb.org/browse/MDEV-7937
- https://www.duosecurity.com/blog/backronym-mysql-vulnerability
- https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390
- http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/
- http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/
- https://access.redhat.com/security/cve/cve-2015-3152
- 1032216
- http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html
- 74398
- FEDORA-2015-10831
- FEDORA-2015-10849
- DSA-3311
- RHSA-2015:1665
- RHSA-2015:1647
- RHSA-2015:1646
- 20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4730
Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types.
Severity: MEDIUM (4.0)
Links:
Published: July 16, 2015
Modified: April 22, 2019
Modified: April 22, 2019
CVE-2015-4756
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439.
Severity: MEDIUM (4.0)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-4761
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
Severity: LOW (3.5)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4766
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.
Severity: LOW (1.9)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-4767
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.
Severity: LOW (1.7)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-4769
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767.
Severity: LOW (3.5)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-4771
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.
Severity: LOW (3.5)
Links:
Published: July 16, 2015
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2015-4772
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4791
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
Severity: LOW (3.5)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4800
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4833
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4862
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4890
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.
Severity: LOW (3.5)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4904
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4905
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.
Severity: MEDIUM (4.0)
Links:
Published: Oct. 22, 2015
Modified: Dec. 24, 2016
Modified: Dec. 24, 2016
CVE-2015-4910
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
Severity: LOW (2.1)
Links:
Published: Jan. 21, 2016
Modified: Oct. 30, 2018
Modified: Oct. 30, 2018
CVE-2016-0503
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504.
Severity: MEDIUM (4.0)
Links:
Published: Jan. 21, 2016
Modified: Oct. 30, 2018
Modified: Oct. 30, 2018
CVE-2016-0504
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503.
Severity: MEDIUM (6.8)
Links:
Published: Jan. 21, 2016
Modified: Oct. 30, 2018
Modified: Oct. 30, 2018
CVE-2016-0594
Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Severity: MEDIUM (4.3)
Links:
Published: Jan. 21, 2016
Modified: Oct. 30, 2018
Modified: Oct. 30, 2018
CVE-2016-0595
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.
Severity: MEDIUM (4.0)
Links:
Published: Jan. 21, 2016
Modified: April 22, 2019
Modified: April 22, 2019
CVE-2016-0607
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.
Severity: LOW (2.8)
Links:
Published: Jan. 21, 2016
Modified: April 22, 2019
Modified: April 22, 2019
CVE-2016-0610
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Severity: LOW (3.5)
Links:
Published: Jan. 21, 2016
Modified: May 1, 2019
Modified: May 1, 2019
CVE-2016-0611
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Severity: MEDIUM (4.0)
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0652
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0653
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0654
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0656.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0656
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0657
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect confidentiality via vectors related to JSON.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0658
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0659
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Optimizer.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0662
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0663
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Performance Schema.
Severity: MEDIUM (4.7) Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 21, 2016
Modified: Dec. 3, 2016
Modified: Dec. 3, 2016
CVE-2016-0667
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.
Severity: MEDIUM (4.4) Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-3424
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-3440
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
Severity: HIGH (7.7) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-3518
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-3588
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.
Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-5436
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-5437
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-5441
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-5442
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2016
Modified: Sept. 1, 2017
Modified: Sept. 1, 2017
CVE-2016-5443
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.
Severity: MEDIUM (4.7) Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2016-5628
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2016-5631
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2016-5632
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2016-5633
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290.
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2016-5634
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR.
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2016-5635
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: July 29, 2017
Modified: July 29, 2017
CVE-2016-8286
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.
Severity: LOW (3.1) Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Oct. 25, 2016
Modified: July 29, 2017
Modified: July 29, 2017
CVE-2016-8287
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.
Severity: MEDIUM (4.5) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2016
Modified: July 29, 2017
Modified: July 29, 2017
CVE-2016-8289
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.
Severity: MEDIUM (4.7) Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Links:
Published: Oct. 25, 2016
Modified: July 29, 2017
Modified: July 29, 2017
CVE-2016-8290
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633.
Severity: MEDIUM (4.4) Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 23, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-9840
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- RHSA-2017:1221
- RHSA-2017:1220
- RHSA-2017:3047
- [oss-security] 20161205 Re: CVE Request: zlib security issues found during audit
- 95131
- RHSA-2017:3046
- openSUSE-SU-2017:0077
- GLSA-201701-56
- 1039427
- RHSA-2017:1222
- openSUSE-SU-2017:0080
- RHSA-2017:3453
- openSUSE-SU-2016:3202
- RHSA-2017:2999
- [debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update
- USN-4246-1
- [debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update
- USN-4292-1
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://support.apple.com/HT208144
- https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0
- https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
- https://bugzilla.redhat.com/show_bug.cgi?id=1402345
- https://support.apple.com/HT208113
- https://support.apple.com/HT208112
- https://support.apple.com/HT208115
- https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
- GLSA-202007-54
Published: May 23, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-9841
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- RHSA-2017:1221
- RHSA-2017:1220
- RHSA-2017:3047
- [oss-security] 20161205 Re: CVE Request: zlib security issues found during audit
- 95131
- RHSA-2017:3046
- openSUSE-SU-2017:0077
- 1039596
- GLSA-201701-56
- 1039427
- RHSA-2017:1222
- openSUSE-SU-2017:0080
- RHSA-2017:3453
- openSUSE-SU-2016:3202
- RHSA-2017:2999
- [debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update
- USN-4246-1
- [debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update
- USN-4292-1
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://support.apple.com/HT208144
- https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
- https://support.apple.com/HT208113
- https://support.apple.com/HT208112
- https://support.apple.com/HT208115
- https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
- https://bugzilla.redhat.com/show_bug.cgi?id=1402346
- https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb
- https://security.netapp.com/advisory/ntap-20171019-0001/
- GLSA-202007-54
Published: May 23, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-9842
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- RHSA-2017:1221
- RHSA-2017:1220
- RHSA-2017:3047
- [oss-security] 20161205 Re: CVE Request: zlib security issues found during audit
- 95131
- RHSA-2017:3046
- openSUSE-SU-2017:0077
- GLSA-201701-56
- 1039427
- RHSA-2017:1222
- openSUSE-SU-2017:0080
- RHSA-2017:3453
- openSUSE-SU-2016:3202
- RHSA-2017:2999
- [debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update
- USN-4246-1
- [debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update
- USN-4292-1
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://support.apple.com/HT208144
- https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
- https://support.apple.com/HT208113
- https://support.apple.com/HT208112
- https://support.apple.com/HT208115
- https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
- https://bugzilla.redhat.com/show_bug.cgi?id=1402348
- https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
- GLSA-202007-54
Published: May 23, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-9843
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- RHSA-2017:1221
- RHSA-2017:1220
- RHSA-2017:3047
- [oss-security] 20161205 Re: CVE Request: zlib security issues found during audit
- 95131
- 1041888
- RHSA-2017:3046
- openSUSE-SU-2017:0077
- GLSA-201701-56
- 1039427
- RHSA-2017:1222
- openSUSE-SU-2017:0080
- RHSA-2017:3453
- openSUSE-SU-2016:3202
- RHSA-2017:2999
- [debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update
- USN-4246-1
- [debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update
- USN-4292-1
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://support.apple.com/HT208144
- https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
- https://support.apple.com/HT208113
- https://support.apple.com/HT208112
- https://support.apple.com/HT208115
- https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
- https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811
- https://bugzilla.redhat.com/show_bug.cgi?id=1402351
- https://security.netapp.com/advisory/ntap-20181018-0002/
- GLSA-202007-54
Published: Oct. 19, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-10165
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-10167
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2017-10268
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).
Severity: MEDIUM (4.1) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- 1039597
- 101390
- DSA-4002
- https://security.netapp.com/advisory/ntap-20171019-0002/
- RHSA-2017:3265
- RHSA-2017:3442
- RHSA-2018:0279
- RHSA-2018:0574
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2019:1258
Published: Oct. 19, 2017
Modified: Dec. 14, 2017
Modified: Dec. 14, 2017
CVE-2017-10284
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Stored Procedure). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
Modified: Dec. 14, 2017
Modified: Dec. 14, 2017
CVE-2017-10296
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
Modified: Dec. 14, 2017
Modified: Dec. 14, 2017
CVE-2017-10311
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
Modified: Dec. 14, 2017
Modified: Dec. 14, 2017
CVE-2017-10313
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
Modified: July 19, 2022
Modified: July 19, 2022
CVE-2017-10378
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- 1039597
- 101375
- DSA-4002
- https://security.netapp.com/advisory/ntap-20171019-0002/
- RHSA-2017:3265
- RHSA-2017:3442
- RHSA-2018:0279
- RHSA-2018:0574
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2019:1258
Published: Oct. 19, 2017
Modified: July 19, 2022
Modified: July 19, 2022
CVE-2017-10379
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Oct. 19, 2017
Modified: July 21, 2022
Modified: July 21, 2022
CVE-2017-10384
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 28, 2017
Modified: Dec. 8, 2017
Modified: Dec. 8, 2017
CVE-2017-3251
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 28, 2017
Modified: Dec. 8, 2017
Modified: Dec. 8, 2017
CVE-2017-3256
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 28, 2017
Modified: Dec. 8, 2017
Modified: Dec. 8, 2017
CVE-2017-3319
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).
Severity: LOW (3.1) Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Jan. 28, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3320
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).
Severity: LOW (2.4) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3452
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3454
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3455
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).
Severity: MEDIUM (5.4) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3457
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3458
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3459
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3460
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3465
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
Severity: MEDIUM (4.3) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3467
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Severity: LOW (3.7) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
Published: April 24, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3468
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).
Severity: LOW (3.1) Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3529
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3637
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3638
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3639
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3640
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3642
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3643
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3644
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3645
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3646
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 8, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-3650
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Severity: LOW (3.7) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Jan. 18, 2018
Modified: July 1, 2022
Modified: July 1, 2022
CVE-2018-2562
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
Severity: HIGH (7.1) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- https://security.netapp.com/advisory/ntap-20180117-0002/
- 1040216
- 102713
- DSA-4091
- [debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update
- USN-3537-2
- USN-3537-1
- RHSA-2018:0587
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2019:1258
Published: Jan. 18, 2018
Modified: July 18, 2022
Modified: July 18, 2022
CVE-2018-2622
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- https://security.netapp.com/advisory/ntap-20180117-0002/
- 1040216
- 102706
- DSA-4091
- [debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update
- USN-3537-2
- USN-3537-1
- RHSA-2018:0587
- RHSA-2018:0586
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2019:1258
Published: Jan. 18, 2018
Modified: July 18, 2022
Modified: July 18, 2022
CVE-2018-2640
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- https://security.netapp.com/advisory/ntap-20180117-0002/
- 1040216
- 102678
- DSA-4091
- [debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update
- USN-3537-2
- USN-3537-1
- RHSA-2018:0587
- RHSA-2018:0586
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2019:1258
Published: Jan. 18, 2018
Modified: July 18, 2022
Modified: July 18, 2022
CVE-2018-2665
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- https://security.netapp.com/advisory/ntap-20180117-0002/
- 1040216
- 102681
- DSA-4091
- [debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update
- USN-3537-2
- USN-3537-1
- RHSA-2018:0587
- RHSA-2018:0586
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2019:1258
Published: Jan. 18, 2018
Modified: July 18, 2022
Modified: July 18, 2022
CVE-2018-2668
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- https://security.netapp.com/advisory/ntap-20180117-0002/
- 1040216
- 102682
- DSA-4091
- [debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update
- USN-3537-2
- USN-3537-1
- RHSA-2018:0587
- RHSA-2018:0586
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2019:1258
Published: April 19, 2018
Modified: July 19, 2022
Modified: July 19, 2022
CVE-2018-2755
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
Severity: HIGH (7.7) Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- 1040698
- 103807
- https://security.netapp.com/advisory/ntap-20180419-0002/
- [debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
- DSA-4176
- USN-3629-1
- USN-3629-2
- RHSA-2018:1254
- USN-3629-3
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: April 19, 2018
Modified: Aug. 4, 2022
Modified: Aug. 4, 2022
CVE-2018-2761
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- 1040698
- 103820
- https://security.netapp.com/advisory/ntap-20180419-0002/
- [debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
- DSA-4176
- USN-3629-1
- USN-3629-2
- RHSA-2018:1254
- USN-3629-3
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: July 18, 2018
Modified: Sept. 21, 2022
Modified: Sept. 21, 2022
CVE-2018-2767
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).
Severity: LOW (3.1) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: April 19, 2018
Modified: Nov. 29, 2022
Modified: Nov. 29, 2022
CVE-2018-2771
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- 1040698
- 103828
- https://security.netapp.com/advisory/ntap-20180419-0002/
- [debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
- DSA-4176
- USN-3629-1
- USN-3629-2
- RHSA-2018:1254
- USN-3629-3
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: April 19, 2018
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2018-2773
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.1) Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 19, 2018
Modified: Aug. 19, 2022
Modified: Aug. 19, 2022
CVE-2018-2781
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- 1040698
- 103825
- https://security.netapp.com/advisory/ntap-20180419-0002/
- [debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
- DSA-4176
- USN-3629-1
- USN-3629-2
- RHSA-2018:1254
- USN-3629-3
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: April 19, 2018
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2018-2813
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- 1040698
- 103830
- https://security.netapp.com/advisory/ntap-20180419-0002/
- [debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
- DSA-4176
- USN-3629-1
- USN-3629-2
- RHSA-2018:1254
- USN-3629-3
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: April 19, 2018
Modified: Aug. 1, 2022
Modified: Aug. 1, 2022
CVE-2018-2817
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- 1040698
- 103818
- https://security.netapp.com/advisory/ntap-20180419-0002/
- [debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
- DSA-4176
- USN-3629-1
- USN-3629-2
- RHSA-2018:1254
- USN-3629-3
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: April 19, 2018
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2018-2818
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 19, 2018
Modified: Aug. 1, 2022
Modified: Aug. 1, 2022
CVE-2018-2819
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- 1040698
- 103814
- https://security.netapp.com/advisory/ntap-20180419-0002/
- [debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
- DSA-4176
- USN-3629-1
- USN-3629-2
- RHSA-2018:1254
- USN-3629-3
- [debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
- RHSA-2018:2439
- RHSA-2018:2729
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: July 18, 2018
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2018-3058
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- https://security.netapp.com/advisory/ntap-20180726-0002/
- 1041294
- 104766
- USN-3725-2
- USN-3725-1
- [debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update
- [debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- RHSA-2019:2327
Published: July 18, 2018
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2018-3061
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 18, 2018
Modified: Aug. 19, 2022
Modified: Aug. 19, 2022
CVE-2018-3063
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- 104786
- https://security.netapp.com/advisory/ntap-20180726-0002/
- 1041294
- USN-3725-2
- USN-3725-1
- [debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update
- [debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update
- DSA-4341
- RHSA-2019:1258
- RHSA-2019:2327
Published: July 18, 2018
Modified: Aug. 29, 2022
Modified: Aug. 29, 2022
CVE-2018-3066
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).
Severity: LOW (3.3) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
Links:
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- https://security.netapp.com/advisory/ntap-20180726-0002/
- 1041294
- 104766
- USN-3725-2
- USN-3725-1
- [debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update
- [debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- RHSA-2019:2327
Published: July 18, 2018
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2018-3070
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 18, 2018
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2018-3071
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 18, 2018
Modified: Aug. 4, 2022
Modified: Aug. 4, 2022
CVE-2018-3081
Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.0 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).
Severity: MEDIUM (5.0) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Links:
Published: Oct. 17, 2018
Modified: Aug. 1, 2022
Modified: Aug. 1, 2022
CVE-2018-3133
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 17, 2018
Modified: Dec. 7, 2022
Modified: Dec. 7, 2022
CVE-2018-3174
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).
Severity: MEDIUM (5.3) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- 1041888
- 105612
- https://security.netapp.com/advisory/ntap-20181018-0002/
- USN-3799-1
- USN-3799-2
- [debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update
- [debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- GLSA-201908-24
Published: Oct. 17, 2018
Modified: Nov. 8, 2022
Modified: Nov. 8, 2022
CVE-2018-3282
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- 1041888
- 105610
- https://security.netapp.com/advisory/ntap-20181018-0002/
- USN-3799-1
- USN-3799-2
- [debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update
- [debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update
- DSA-4341
- RHSA-2018:3655
- RHSA-2019:1258
- RHSA-2019:2327
- GLSA-201908-24
Published: July 24, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-2731
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).
Severity: MEDIUM (5.4) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Links: