CVSS: 5.9EPSS: 54%CPEs: 27EXPL: 2CVE-2015-3152 – mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)
https://notcve.org/view.php?id=CVE-2015-3152
29 Apr 2015 — Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack. Oracle MySQL en versiones anteriores a 5.7.3, Oracle MySQL Connector/C (también conocido como libmysqlclient) en versiones anteriores a 6.1.3 y MariaDB en versiones anteriores a 5.5.44 utiliza la opción --ssl significa que SSL es ... • https://github.com/duo-labs/mysslstrip • CWE-295: Improper Certificate Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0506 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0506
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2015-0508. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.23 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con InnoDB, una vulnerabilidad diferente a CVE-2015-0508. Multiple vulnerabilities have been found in MySQL, allowi... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0511 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0511
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.23 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : SP. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less t... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2015-0438 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0438
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Partition. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. V... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2575 – Debian Security Advisory 3621-1
https://notcve.org/view.php?id=CVE-2015-2575
16 Apr 2015 — Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J. Vulnerabilidad no especificada en el componente MySQL Connectors en Oracle MySQL 5.1.34 y anteriores permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos relacionados con Connector/J. A vulnerability was discovered in mysql-connector-java, a Java dat... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 7.4EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2567 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-2567
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.23 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Security : Privileges. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or ca... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0503 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0503
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.23 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Partition. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. V... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0507 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0507
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.23 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Memcached. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. V... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2566 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-2566
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con DML. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 5.6.24 are affected. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2015-0423 – Gentoo Linux Security Advisory 201507-19
https://notcve.org/view.php?id=CVE-2015-0423
16 Apr 2015 — Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Optimizer. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than ... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •