CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-7440 – Slackware Security Advisory - mariadb Updates
https://notcve.org/view.php?id=CVE-2016-7440
25 Oct 2016 — The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. La implementación de software C de AES Encryption and Decryption en wolfSSL (anterioremtne CyaSSL) en versiones anteriores a 3.9.10 hace más fácil para usuarios locales descubrir las claves AES aprovechando las diferencias de tiempo de banco del cachè. Multiple security issues were discovered in MySQL and t... • http://www.debian.org/security/2016/dsa-3706 •
CVSS: 10.0EPSS: 89%CPEs: 30EXPL: 9CVE-2016-6662 – MySQL / MariaDB / PerconaDB 5.5.51/5.6.32/5.7.14 - Code Execution / Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-6662
12 Sep 2016 — Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL... • https://packetstorm.news/files/id/138678 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 4%CPEs: 26EXPL: 0CVE-2016-5444 – mysql: unspecified vulnerability in subcomponent: Server: Connection (CPU July 2016)
https://notcve.org/view.php?id=CVE-2016-5444
21 Jul 2016 — Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.11 y versiones anteriores y MariaDB en versiones anteriores a 5.5.49, 10.0.x en versiones anteriores a 10.0.25 y 10.1.x en v... • http://rhn.redhat.com/errata/RHSA-2016-0705.html •
CVSS: 4.3EPSS: 3%CPEs: 11EXPL: 0CVE-2016-3452 – mysql: unspecified vulnerability in subcomponent: Server: Security: Encryption (CPU July 2016)
https://notcve.org/view.php?id=CVE-2016-3452
21 Jul 2016 — Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption. Vulnerabilidad no especificada en Oracle MySQL 5.5.48 y versiones anteriores, 5.6.29 y versiones anteriores y 5.7.10 y versiones anteriores y MariaDB en versiones anteriores a 5.5.49, 10.0.x en versiones anteriores a 10.0.25 y 1... • http://rhn.redhat.com/errata/RHSA-2016-0705.html •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-3471 – mysql: unspecified vulnerability in subcomponent: Server: Option (CPU July 2016)
https://notcve.org/view.php?id=CVE-2016-3471
21 Jul 2016 — Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option. Vulnerabilidad no especificada en Oracle MySQL 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Server: Option. MariaDB is a multi-user, multi-threaded SQL database server. F... • http://rhn.redhat.com/errata/RHSA-2016-0534.html •
CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2016-3477 – mysql: unspecified vulnerability in subcomponent: Server: Parser (CPU July 2016)
https://notcve.org/view.php?id=CVE-2016-3477
21 Jul 2016 — Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser. Vulnerabilidad no especificada en Oracle MySQL 5.5.49 y versiones anteriores, 5.6.30 y versiones anteriores y 5.7.12 y versiones anteriores y MariaDB en versiones anteriores a 5.5.50, 10.0.x en versiones anteriores a 1... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-3521 – mysql: unspecified vulnerability in subcomponent: Server: Types (CPU July 2016)
https://notcve.org/view.php?id=CVE-2016-3521
21 Jul 2016 — Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types. Vulnerabilidad no especificada en Oracle MySQL 5.5.49 y versiones anteriores, 5.6.30 y versiones anteriores y 5.7.12 y versiones anteriores y MariaDB en versiones anteriores a 5.5.50, 10.0.x en versiones anteriores a 10.0.26 y 10.1.x en... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html •
CVSS: 5.3EPSS: 1%CPEs: 14EXPL: 0CVE-2016-3615 – mysql: unspecified vulnerability in subcomponent: Server: DML (CPU July 2016)
https://notcve.org/view.php?id=CVE-2016-3615
21 Jul 2016 — Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML. Vulnerabilidad no especificada en Oracle MySQL 5.5.49 y versiones anteriores, 5.6.30 y versiones anteriores y 5.7.12 y versiones anteriores y MariaDB en versiones anteriores a 5.5.50, 10.0.x en versiones anteriores a 10.0.26 y 10.1.x en v... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html •
CVSS: 4.9EPSS: 0%CPEs: 27EXPL: 0CVE-2016-5440 – mysql: unspecified vulnerability in subcomponent: Server: RBR (CPU July 2016)
https://notcve.org/view.php?id=CVE-2016-5440
21 Jul 2016 — Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR. Vulnerabilidad no especificada en Oracle MySQL 5.5.49 y versiones anteriores, 5.6.30 y versiones anteriores y 5.7.12 y versiones anteriores y MariaDB en versiones anteriores a 5.5.50, 10.0.x en versiones anteriores a 10.0.26 y 10.1.x en versio... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html •
CVSS: 6.5EPSS: 0%CPEs: 31EXPL: 0CVE-2018-2817 – mysql: Server: DDL unspecified vulnerability (CPU Apr 2018)
https://notcve.org/view.php?id=CVE-2018-2817
28 Apr 2016 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availabili... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •