CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2017-3238 – mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)
https://notcve.org/view.php?id=CVE-2017-3238
20 Jan 2017 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.... • http://www.debian.org/security/2017/dsa-3767 •
CVSS: 7.8EPSS: 6%CPEs: 12EXPL: 4CVE-2016-6664 – MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' System User Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-6664
02 Nov 2016 — mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files. mysqld_safe en Oracle MySQL hasta la versión 5.5.5... • https://packetstorm.news/files/id/139491 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 4CVE-2016-6663 – MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
https://notcve.org/view.php?id=CVE-2016-6663
31 Oct 2016 — Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.... • https://packetstorm.news/files/id/139476 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5631 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-5631
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Memcached. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less than 10.0.28 ... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5634 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-5634
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con RBR. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less than 10.0.28 are affected. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5635 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-5635
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Security: Audit. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less t... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8290 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-8290
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: Performance Schema, una vulnerabilidad diferente a CVE-2016-5633. Multiple vulnerabilities have been found in MariaDB a... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2016-3492 – mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-3492
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. Vulnerabilidad no especificada en Oracle MySQL 5.5.51 y versiones anteriores, 5.6.32 y versiones anteriores y 5.7.14 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con Server: Optimizer. MariaDB is a multi-user, multi-threaded SQL d... • http://rhn.redhat.com/errata/RHSA-2016-2130.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5628 – Gentoo Linux Security Advisory 201701-01
https://notcve.org/view.php?id=CVE-2016-5628
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML. Vulnerabilidad no especificada en Oracle MySQL 5.7.13 y versiones anteriores permite a administradores remotos afectar la disponibilidad a través de vectores relacionados con Server: DML. Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could lead to the remote execution of arbitrary code. Versions less than 10.0.28 are affected... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-8283 – mysql: unspecified vulnerability in subcomponent: Server: Types (CPU October 2016)
https://notcve.org/view.php?id=CVE-2016-8283
25 Oct 2016 — Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. Vulnerabilidad no especificada en Oracle MySQL 5.5.51 y versiones anteriores, 5.6.32 y versiones anteriores y 5.7.14 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con Server: Types. MariaDB is a multi-user, multi-threaded SQL database ... • http://rhn.redhat.com/errata/RHSA-2016-2130.html •