CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0CVE-2019-2534 – mysql: Server: Replication unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2534
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, ins... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.1EPSS: 0%CPEs: 18EXPL: 0CVE-2019-2535 – mysql: Server: Options unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2535
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 5.0EPSS: 0%CPEs: 18EXPL: 0CVE-2019-2536 – mysql: Server: Packaging unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2536
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attack... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.9EPSS: 0%CPEs: 26EXPL: 0CVE-2019-2537 – mysql: Server: DDL unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2537
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availabil... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.9EPSS: 0%CPEs: 18EXPL: 0CVE-2019-2539 – mysql: Server: Connection unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2539
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.9EPSS: 0%CPEs: 24EXPL: 0CVE-2019-2481 – mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2481
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Ava... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 5.9EPSS: 7%CPEs: 47EXPL: 0CVE-2018-0735 – Timing attack against ECDSA signature generation
https://notcve.org/view.php?id=CVE-2018-0735
29 Oct 2018 — The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Se ha demostrado que el algoritmo de firmas ECDSA en OpenSSL es vulnerable a un ataque de sincronización de canal lateral. • http://www.securityfocus.com/bid/105750 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-385: Covert Timing Channel •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2018-3133 – mysql: Server: Parser unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3133
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base ... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-3137
https://notcve.org/view.php?id=CVE-2018-3137
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 6.5EPSS: 0%CPEs: 20EXPL: 0CVE-2018-3143 – mysql: InnoDB unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3143
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability im... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •