
CVE-2020-14776 – mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
https://notcve.org/view.php?id=CVE-2020-14776
21 Oct 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR •

CVE-2020-14550 – mysql: C API unspecified vulnerability (CPU Jul 2020)
https://notcve.org/view.php?id=CVE-2020-14550
15 Jul 2020 — Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.3 (Availability impact... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C •

CVE-2020-2922 – mysql: C API unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2922
15 Apr 2020 — Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). • https://security.gentoo.org/glsa/202105-27 •

CVE-2020-2812 – mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2812
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (A... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html •

CVE-2020-2814 – mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2814
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impact... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html •

CVE-2020-2780 – mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2780
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability im... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC •

CVE-2020-2760 – mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2760
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html •

CVE-2020-2752 – mysql: C API unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2752
15 Apr 2020 — Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.3 (Availability impact... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html •

CVE-2020-7221
https://notcve.org/view.php?id=CVE-2020-7221
04 Feb 2020 — mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does not affect the Oracle MySQL product, which implements mysql_install_db differently. • https://bugzilla.suse.com/show_bug.cgi?id=1160868 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2020-2574 – mysql: C API unspecified vulnerability (CPU Jan 2020)
https://notcve.org/view.php?id=CVE-2020-2574
15 Jan 2020 — Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impac... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html • CWE-400: Uncontrolled Resource Consumption •