CVSS: 4.9EPSS: 0%CPEs: 19EXPL: 0CVE-2019-2683 – mysql: Server: Options unspecified vulnerability (CPU Apr 2019)
https://notcve.org/view.php?id=CVE-2019-2683
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Avail... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 4.4EPSS: 0%CPEs: 32EXPL: 0CVE-2019-2614 – mysql: Server: Replication unspecified vulnerability (CPU Apr 2019)
https://notcve.org/view.php?id=CVE-2019-2614
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html •
CVSS: 4.9EPSS: 0%CPEs: 28EXPL: 0CVE-2019-2627 – mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019)
https://notcve.org/view.php?id=CVE-2019-2627
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Sco... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html •
CVSS: 4.9EPSS: 0%CPEs: 22EXPL: 0CVE-2019-2628 – mysql: InnoDB unspecified vulnerability (CPU Apr 2019)
https://notcve.org/view.php?id=CVE-2019-2628
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2632
https://notcve.org/view.php?id=CVE-2019-2632
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impact... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 4.9EPSS: 0%CPEs: 20EXPL: 0CVE-2019-2592 – mysql: Server: PS unspecified vulnerability (CPU Apr 2019)
https://notcve.org/view.php?id=CVE-2019-2592
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 4.9EPSS: 0%CPEs: 20EXPL: 0CVE-2019-2581 – mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019)
https://notcve.org/view.php?id=CVE-2019-2581
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts)... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2566 – Ubuntu Security Notice USN-3957-1
https://notcve.org/view.php?id=CVE-2019-2566
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impa... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2018-3123
https://notcve.org/view.php?id=CVE-2018-3123
23 Apr 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.9 (Confiden... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 5.9EPSS: 4%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
26 Feb 2019 — If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •