Skip to main content

MySQL

1223 CVEs product

Monthly

CVE-2017-3464 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL Debian Linux Enterprise Linux Desktop +6
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2017-3463 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3462 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3461 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3460 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3459 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3458 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3457 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3456 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD
CVSS 3.1
4.9
EPSS
0.2%
CVE-2017-3455 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-3454 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-3453 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2017-3452 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2017-3450 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2017-3331 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-3329 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2017-3309 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2017-3308 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2017-3305 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Authentication Bypass Oracle MySQL Debian Linux
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-3302 HIGH PATCH This Week

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Oracle MySQL +7
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2017-3320 LOW PATCH Monitor

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL
NVD VulDB
CVSS 3.0
2.4
EPSS
0.3%
CVE-2017-3319 LOW PATCH Monitor

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure MySQL
NVD VulDB
CVSS 3.0
3.1
EPSS
0.6%
CVE-2017-3318 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Rated medium severity (CVSS 4.0).

Authentication Bypass Oracle MySQL Debian Linux Enterprise Linux Desktop +6
NVD VulDB
CVSS 3.1
4.0
EPSS
0.1%
CVE-2017-3317 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Rated medium severity (CVSS 4.0).

Denial Of Service Oracle MySQL Debian Linux Enterprise Linux Desktop +6
NVD VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2017-3313 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Rated medium severity (CVSS 4.7).

Authentication Bypass Oracle MySQL Debian Linux Ubuntu Linux +7
NVD VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2017-3312 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.7).

Information Disclosure Oracle MySQL Debian Linux MariaDB
NVD VulDB
CVSS 3.1
6.7
EPSS
0.1%
CVE-2017-3291 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.3).

Information Disclosure Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2017-3273 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.5
EPSS
0.9%
CVE-2017-3265 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 5.6).

Authentication Bypass Oracle MySQL Enterprise Linux Desktop Enterprise Linux Eus +6
NVD VulDB
CVSS 3.1
5.6
EPSS
0.2%
CVE-2017-3258 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2017-3257 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle MySQL MariaDB Debian Linux
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2017-3256 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.5
EPSS
0.6%
CVE-2017-3251 MEDIUM This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-3244 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2017-3243 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
4.4
EPSS
5.6%
CVE-2017-3238 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD VulDB
CVSS 3.1
6.5
EPSS
2.5%
CVE-2016-8327 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
4.4
EPSS
0.5%
CVE-2016-8318 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.8
EPSS
0.2%
CVE-2016-6664 HIGH POC PATCH THREAT Act Now

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and. Rated high severity (CVSS 7.0). Public exploit code available and EPSS exploitation probability 54.4%.

Information Disclosure Oracle MySQL MariaDB Percona Server +1
NVD Exploit-DB
CVSS 3.1
7.0
EPSS
54.4%
Threat
4.5
CVE-2016-6663 HIGH POC PATCH This Week

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Information Disclosure Oracle MySQL Percona Server +2
NVD GitHub Exploit-DB
CVSS 3.0
7.0
EPSS
3.4%
CVE-2016-7440 MEDIUM PATCH This Month

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure MariaDB MySQL Wolfssl Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-8290 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.4
EPSS
0.5%
CVE-2016-8289 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.7).

Privilege Escalation Oracle MySQL
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2016-8288 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Oracle Authentication Bypass MySQL
NVD
CVSS 3.0
3.1
EPSS
0.2%
CVE-2016-8287 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.5
EPSS
0.3%
CVE-2016-8286 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
3.1
EPSS
0.1%
CVE-2016-8284 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication. Rated low severity (CVSS 1.8).

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
1.8
EPSS
0.1%
CVE-2016-8283 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB
NVD
CVSS 3.0
4.3
EPSS
0.4%
CVE-2016-5635 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
1.4%
CVE-2016-5634 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
1.4%
CVE-2016-5633 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
1.4%
CVE-2016-5632 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
1.4%
CVE-2016-5631 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
1.4%
CVE-2016-5630 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2016-5629 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Desktop +5
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2016-5628 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
2.9%
CVE-2016-5627 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2016-5626 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Eus +3
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2016-5625 HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging. Rated high severity (CVSS 7.0).

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2016-5624 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Desktop +5
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2016-5612 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Desktop +5
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2016-5609 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2016-5584 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server:. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL MariaDB Debian Linux
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2016-5507 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2016-3495 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2016-3492 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server:. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Desktop +5
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2016-6662 CRITICAL POC PATCH THREAT Act Now

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 89.6%.

RCE Privilege Escalation Oracle MySQL Percona Server +10
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
89.6%
Threat
6.1
CVE-2016-5444 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle MySQL MariaDB Powerkvm +8
NVD
CVSS 3.0
3.7
EPSS
3.8%
CVE-2016-5443 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2016-5442 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.6%
CVE-2016-5441 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.7%
CVE-2016-5440 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Powerkvm MariaDB MySQL +9
NVD
CVSS 3.0
4.9
EPSS
0.6%
CVE-2016-5439 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Ubuntu Linux
NVD
CVSS 3.0
4.9
EPSS
0.4%
CVE-2016-5437 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.7%
CVE-2016-5436 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.9%
CVE-2016-3615 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Linux MariaDB MySQL +3
NVD
CVSS 3.0
5.3
EPSS
1.4%
CVE-2016-3614 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL Ubuntu Linux
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2016-3588 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.9
EPSS
0.6%
CVE-2016-3521 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Powerkvm MariaDB MySQL +3
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2016-3518 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2016-3501 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2016-3486 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
2.4%
CVE-2016-3477 HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users. Rated high severity (CVSS 8.1), this vulnerability is no authentication required.

Information Disclosure Oracle Powerkvm MySQL Linux +3
NVD
CVSS 3.0
8.1
EPSS
0.1%
CVE-2016-3471 HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option. Rated high severity (CVSS 7.5).

Information Disclosure Oracle MySQL Enterprise Linux MariaDB
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2016-3459 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MariaDB MySQL
NVD
CVSS 3.0
4.9
EPSS
0.9%
CVE-2016-3452 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Enterprise Linux MySQL MariaDB +2
NVD
CVSS 3.0
3.7
EPSS
3.3%
CVE-2016-3440 HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
7.7
EPSS
1.0%
CVE-2016-3424 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.9%
CVE-2015-3152 MEDIUM POC PATCH THREAT This Month

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 51.7%.

Information Disclosure Oracle MySQL Mysql Connector C MariaDB +9
NVD GitHub
CVSS 3.1
5.9
EPSS
51.7%
Threat
4.2
CVE-2016-2105 HIGH PATCH Act Now

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 45.1%.

Integer Overflow Denial Of Service OpenSSL Buffer Overflow Enterprise Linux Desktop +13
NVD
CVSS 3.1
7.5
EPSS
45.1%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL +8
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +8
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +8
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +8
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +8
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Authentication Bypass Oracle MySQL +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +9
NVD
EPSS 0% CVSS 2.4
LOW PATCH Monitor

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL
NVD VulDB
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure MySQL
NVD VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Rated medium severity (CVSS 4.0).

Authentication Bypass Oracle MySQL +8
NVD VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Rated medium severity (CVSS 4.0).

Denial Of Service Oracle MySQL +8
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Rated medium severity (CVSS 4.7).

Authentication Bypass Oracle MySQL +9
NVD VulDB
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.7).

Information Disclosure Oracle MySQL +2
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.3).

Information Disclosure Oracle MySQL +8
NVD VulDB
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 5.6).

Authentication Bypass Oracle MySQL +8
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +8
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle MySQL +2
NVD VulDB
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +8
NVD VulDB
EPSS 6% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL +8
NVD VulDB
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +8
NVD VulDB
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
EPSS 54% 4.5 CVSS 7.0
HIGH POC PATCH THREAT Act Now

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and. Rated high severity (CVSS 7.0). Public exploit code available and EPSS exploitation probability 54.4%.

Information Disclosure Oracle MySQL +3
NVD Exploit-DB
EPSS 3% CVSS 7.0
HIGH POC PATCH This Week

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Information Disclosure Oracle +4
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure MariaDB MySQL +2
NVD
EPSS 1% CVSS 4.4
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.7).

Privilege Escalation Oracle MySQL
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Oracle Authentication Bypass MySQL
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle MySQL
NVD
EPSS 0% CVSS 1.8
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication. Rated low severity (CVSS 1.8).

Information Disclosure Oracle MySQL
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +7
NVD
EPSS 3% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +5
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging. Rated high severity (CVSS 7.0).

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +7
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +7
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server:. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL +2
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server:. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +7
NVD
EPSS 90% 6.1 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 89.6%.

RCE Privilege Escalation Oracle +12
NVD Exploit-DB
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle MySQL +10
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Powerkvm +11
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Linux +5
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL +1
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Powerkvm +5
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +1
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL +1
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users. Rated high severity (CVSS 8.1), this vulnerability is no authentication required.

Information Disclosure Oracle Powerkvm +5
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option. Rated high severity (CVSS 7.5).

Information Disclosure Oracle MySQL +2
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MariaDB +1
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Enterprise Linux +4
NVD
EPSS 1% CVSS 7.7
HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
EPSS 52% 4.2 CVSS 5.9
MEDIUM POC PATCH THREAT This Month

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 51.7%.

Information Disclosure Oracle MySQL +11
NVD GitHub
EPSS 45% CVSS 7.5
HIGH PATCH Act Now

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 45.1%.

Integer Overflow Denial Of Service OpenSSL +15
NVD
Prev Page 10 of 14 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy