New Upstream Release - mysqltuner
Ready changes
Summary
Merged new upstream version: 1.9.9 (was: 1.7.17).
Resulting package
Built on 2022-10-12T10:54 (took 5m31s)
The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:
apt install -t fresh-releases mysqltuner
Lintian Result
Diff
diff --git a/.github/workflows/exec.yml b/.github/workflows/exec.yml
new file mode 100644
index 0000000..cb42ae0
--- /dev/null
+++ b/.github/workflows/exec.yml
@@ -0,0 +1,36 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the workflow will run
+on:
+ # Triggers the workflow on push or pull request events but only for the master branch
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: ubuntu-latest
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v3
+
+ # Runs a single command using the runners shell
+ - name: Run a one-line script
+ run: perl ./mysqltuner.pl --help
+
+ # Runs a set of commands using the runners shell
+ - name: Run a multi-line script
+ run: |
+ echo Add other actions to build,
+ echo test, and deploy your project.
diff --git a/.gitignore b/.gitignore
index bf0c3bd..14af449 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,11 +1,11 @@
-build/mysqltuner-*
-build/mysqltuner.spec
-build/build.log
-build/cve*
-build/vulnerabilities*
-*.bak
-Vagrant/Vagrantfile
-Vagrant/data
-Vagrant/.vagrant
-contents
-contents/*
+build/mysqltuner-*
+build/mysqltuner.spec
+build/build.log
+build/cve*
+build/vulnerabilities*
+*.bak
+Vagrant/Vagrantfile
+Vagrant/data
+Vagrant/.vagrant
+contents
+contents/*
diff --git a/.travis.yml b/.travis.yml
index def1fcf..d0dda86 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,167 +1,25 @@
-sudo: false
-
language: perl
-
-matrix:
- include:
- - addons:
- mariadb: "5.5"
- name: "MariaDB 5.5/Perl 5.24"
- perl: "5.24"
- - addons:
- mariadb: "10.0"
- name: "MariaDB 10.0/Perl 5.24"
- perl: "5.24"
- - addons:
- mariadb: "10.1"
- name: "MariaDB 10.1/Perl 5.24"
- perl: "5.24"
- - addons:
- mariadb: "10.2"
- name: "MariaDB 10.2/Perl 5.24"
- perl: "5.24"
- - addons:
- mariadb: "10.3"
- name: "MariaDB 10.3/Perl 5.24"
- perl: "5.24"
- - addons:
- mariadb: "10.4"
- name: "MariaDB 10.4/Perl 5.24"
- perl: "5.24"
- - addons:
- mysql: "5.5"
- name: "MySQL 5.5/Perl 5.24"
- perl: "5.24"
- - addons:
- mysql: "5.6"
- name: "MySQL 5.6/Perl 5.24"
- perl: "5.24"
- - addons:
- apt:
- sources:
- - mysql-5.7-trusty
- packages:
- - mysql-server
- - mysql-client
- name: "MySQL 5.7/Perl 5.24"
- perl: "5.24"
- - addons:
- apt:
- sources:
- - mysql-8.0-trusty
- packages:
- - mysql-server
- - mysql-client
- name: "MySQL 8/Perl 5.24"
- perl: "5.24"
-
- - addons:
- mariadb: "5.5"
- name: "MariaDB 5.5/Perl 5.16"
- perl: "5.16"
- - addons:
- mariadb: "10.0"
- name: "MariaDB 10.0/Perl 5.16"
- perl: "5.16"
- - addons:
- mariadb: "10.1"
- name: "MariaDB 10.1/Perl 5.16"
- perl: "5.16"
- - addons:
- mariadb: "10.2"
- name: "MariaDB 10.2/Perl 5.16"
- perl: "5.16"
- - addons:
- mariadb: "10.3"
- name: "MariaDB 10.3/Perl 5.16"
- perl: "5.16"
- - addons:
- mariadb: "10.4"
- name: "MariaDB 10.4/Perl 5.16"
- perl: "5.16"
- - addons:
- mysql: "5.5"
- name: "MySQL 5.5/Perl 5.16"
- perl: "5.16"
- - addons:
- mysql: "5.6"
- name: "MySQL 5.6/Perl 5.16"
- perl: "5.16"
- - addons:
- apt:
- sources:
- - mysql-5.7-trusty
- packages:
- - mysql-server
- - mysql-client
- name: "MySQL 5.7/Perl 5.16"
- perl: "5.16"
- - addons:
- apt:
- sources:
- - mysql-8.0-trusty
- packages:
- - mysql-server
- - mysql-client
- name: "MySQL 8/Perl 5.16"
- perl: "5.16"
-
- - addons:
- mariadb: "5.5"
- name: "MariaDB 5.5/Perl 5.10"
- perl: "5.10"
- - addons:
- mariadb: "10.0"
- name: "MariaDB 10.0/Perl 5.10"
- perl: "5.10"
- - addons:
- mariadb: "10.1"
- name: "MariaDB 10.1/Perl 5.10"
- perl: "5.10"
- - addons:
- mariadb: "10.2"
- name: "MariaDB 10.2/Perl 5.10"
- perl: "5.10"
- - addons:
- mariadb: "10.3"
- name: "MariaDB 10.3/Perl 5.10"
- perl: "5.10"
- - addons:
- mariadb: "10.4"
- name: "MariaDB 10.4/Perl 5.10"
- perl: "5.10"
- - addons:
- mysql: "5.5"
- name: "MySQL 5.5/Perl 5.10"
- perl: "5.10"
- - addons:
- mysql: "5.6"
- name: "MySQL 5.6/Perl 5.10"
- perl: "5.10"
- - addons:
- apt:
- sources:
- - mysql-5.7-trusty
- packages:
- - mysql-server
- - mysql-client
- name: "MySQL 5.7/Perl 5.10"
- perl: "5.10"
- - addons:
- apt:
- sources:
- - mysql-8.0-trusty
- packages:
- - mysql-server
- - mysql-client
- name: "MySQL 8/Perl 5.10"
- perl: "5.10"
-
-before_install:
- - git clone git://github.com/haarg/perl-travis-helper
- - source perl-travis-helper/init
- - build-perl
- - perl -V
+perl:
+ - "5.24"
+
+os: linux
+dist: focal
+
+services:
+ - docker
+
+env:
+ - DB=mariadb:5.5
+ - DB=mariadb:10.2
+ - DB=mariadb:10.3
+ - DB=mariadb:10.4
+ - DB=mariadb:10.5
+ - DB=mysql:5.5
+ - DB=mysql:5.7
+ - DB=mysql:8.0
+ - DB=percona:5.6
+ - DB=percona:5.7
+ - DB=percona:8.0
install:
- cpanm --quiet --notest Data::Dumper
@@ -170,19 +28,27 @@ install:
- cpanm --quiet --notest Text::Template
before_script:
- - echo -e "[client]\nuser=root\npassword=\"\"" > .my.cnf
- - chmod 600 .my.cnf
+ - mysql --version
+ - mysqladmin --version
+ - docker run -it --name=mysqltestinstance -d -e MYSQL_ALLOW_EMPTY_PASSWORD=yes -p 3306:3306 ${DB}
+ - echo -e "[client]\nuser=root\npassword=\"\"\nhost=127.0.0.1" > ~/.my.cnf
+ - chmod 600 ~/.my.cnf
- git clone https://github.com/datacharmer/test_db.git
- cd test_db
- - cat employees.sql | grep -v 'storage_engine' | mysql
+ - count=10
+ - while ! mysql -e 'select version()' && [ $count -gt 0 ]; do echo $count seconds to go; sleep 1; count=$(( $count - 1 )); done
+ - if [[ $DB =~ .*:8.0 ]] ; then
+ for file in public_key.pem ca.pem server-cert.pem client-key.pem client-cert.pem ; do
+ docker cp mysqltestinstance:/var/lib/mysql/$file "${HOME}" ;
+ done ;
+ fi
+ - "cat employees.sql | grep -v 'storage_engine' | mysql"
- cd ..
script:
- - perlcritic --exclude InputOutput::ProhibitInteractiveTest mysqltuner.pl
- - ./mysqltuner.pl --verbose --tbstat 2>stderr.txt | tee -a "stdout.txt"
+ - ./mysqltuner.pl --verbose --tbstat 2>stderr.txt | tee -a "stdout.txt"
after_script:
+ - docker stop mysqltestinstance
- echo "Standard Output: $(cat stdout.txt)"
- echo "Standard Error : $(cat stderr.txt)"
- - [ "0" = "$(wl -l stderr.txt)" ] || exit 2
-
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 68fcbaf..6608810 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -181,7 +181,7 @@ Copy of the license is available at [LICENSE]
## MySQLTuner Code Conventions
1. Check code convention using **perltidy** and **perlcritic**
-2. Don't manually update the version number in `mysqltuner.pl`.
+2. Don't manually update the version number in `mysqltuner.pl`.
[Enhancement issue]:https://github.com/major/MySQLTuner-perl/labels/enhancement
diff --git a/INTERNALS.md b/INTERNALS.md
index aa6121f..3e009cb 100644
--- a/INTERNALS.md
+++ b/INTERNALS.md
@@ -1,416 +1,417 @@
-## MySQLTuner Internals
-
-## Table of contents
-
-* [MySQLTuner steps](#mysqltuner-steps)
-* [Get login information steps](#mysqltuner-get-login-information-steps)
-* [System checks](#mysqltuner-system-checks)
-* [Server version checks](#mysqltuner-server-version-checks)
-* [Error log file checks](#mysql-error-log-file-analysis)
-* [MySQL Storage engine general information](#mysql-storage-engine-general-information)
-* [Security checks](#mysqltuner-security-checks)
-* [CVE checks](#mysqltuner-cve-checks)
-* [Database information](#mysqltuner-database-information)
-* [Index information](#mysqltuner-index-information)
-* [Connections information](#mysqltuner-connections-information)
-* [Server information](#mysqltuner-server-information)
-* [Sort, join and temp table information](#mysqltuner-sort-join-and-temp-table-information)
-* [Global buffer information](#mysqltuner-global-buffer-information)
-* [Query cache checks](#mysqltuner-query-cache-checks)
-* [Slow queries checks](#mysqltuner-slow-queries-checks)
-* [ThreadPool information](#mysqltuner-threadpool-information)
-* [Replication checks](#mysqltuner-replication-checks)
-* [InnoDB information](#mysqltuner-innodb-information)
-* [MYISAM information](#mysqltuner-myisam-information)
-* [ARIADB information](#mysqltuner-ariadb-information)
-* [XTRADB information](#mysqltuner-xtradb-information)
-* [TOKUDB information](#mysqltuner-tokudb-information)
-* [ROCKDB information](#mysqltuner-rockdb-information)
-* [CONNECT information](#mysqltuner-connect-information)
-* [SPIDER information](#mysqltuner-spider-information)
-* [GALERA information](#mysqltuner-galera-information)
-* [Performance Schema information](#mysqltuner-performance-schema-and-sysschema-information)
-
-## MySQLTuner steps
-
-* Header Print
-* Get login information
-* Set up some OS variables
-* Toss variables/status into hashes
-* Get information about the tuning connexion
-* Check current MySQL version
-* Suggest 64-bit upgrade
-* Analyze mysqld error log file
-* Show enabled storage engines
-* Show informations about databases (option: --dbstat)
-* Show informations about indexes (option: --idxstat)
-* Display some security recommendations
-* Calculate everything we need
-* Print the server stats
-* Print MyISAM stats
-* Print InnoDB stats
-* Print AriaDB stats
-* Print replication info
-* Make recommendations based on stats
-* Close reportfile if needed
-* Dump result if debug is on
-
-## MySQLTuner get login information steps
-
-* Is a login possible?
- * Force socket?
- * Remote connection?
- * _Specifying available RAM is required_
- * Got user/pass on command line?
- * mysql-quickbackup credentials available?
- * Plesk credentials available?
- * DirectAdmin credentials available?
- * Debian maintenance account credentials available?
- * Just try a login
- * If working, and .my.cnf isn't there, **WARNING**
- * If working, and .my.cnf is there, okay
- * Prompt for creds on the console
-
-## MySQLTuner system checks
-* 32-bit w/>2GB RAM check
-* Check number of opened ports (warning if more than 9 ports opened)
-* Check 80, 8080, 443 and 8443 ports if warning are raised if there are opened
-* Check if some banned ports are not opened (option --bannedports separated by comma)
-* Check if non kernel and user process except mysqld are not using more than 15% of total physical memory)
-* Check vm.swapiness
-* Check /etc/security/limit.conf
-* Check sysctl entries: sunrpc.tcp_slot_entries, vm.swappiness, fs.aio-fs-nr
-* Check mount point
-* Check Ethernet card
-* Check load average
-
-## MySQLTuner Server version checks
-* EOL MySQL version check
-* Currently MySQL < 5.1 are EOF considered.
-* Using 5.5+ version of MySQL for performance issue (asynchronous IO).
-
-## Mysql error log file analysis
-* Look for potential current error log file name
-* Check permission on error log file
-* Check size on error log file
-* Check error and warning on error log file
-* Find last start and shutdown on error log file
-
-## MySQL Storage engine general information
-
-* Get storage engine counts/stats
- * Check for DB engines that are enabled but unused
- * Look for fragmented tables
- * Look for auto-increments near capacity
- * Look for table with autoincrement with value near max capacity
-
-## MySQLTuner security checks
-
-* Is anonymous user present?
-* Users without passwords
-* Users w/username as password
-* Users w/o host restriction
-* Weak password check (possibly using cracklib later?)
-* Using basic_passwords.txt as password database
-* Password list checks can be avoid (option: --skippassword)
-
-## MySQLTuner CVE vulnerabilities detection
-
-* option: --cvefile
-* Check if your MariaDB or MySQL version contains CVE bulletins.
-
-## MySQLTuner database information
-* Performance analysis parameter checks
-* Per database information
- * Tables number
- * Rows number
- * Total size
- * Data size
- * Percentage of data size
- * Index size
- * Percentage of index size
- * Collation number
- * Check that there is only one collation for all table in a database
- * Check that there is only one collation for ll table columns in a database
- * Check that there is only one storage engine per user database
-
-
-## MySQLTuner index information
-
-* Top 10 worth selectivity index
-* Per index information
- * Index Cardinality
- * Index Selectivity
- * Misc information about index definition
- * Misc information about index size
-
-## MySQLTuner Connections information
-
-* Highest usage of available connections
-* Percentage of used connections (<85%)
-* Percentage of aborted connections (<3%)
-
-## MySQLTuner server information
-
-* Uptime: If MySQL started within last 24 hours
-* Bytes received and sent
-* Number of connections
-* Percentage between reads and writes
-* Is binary log activated ?
- * Is GTID mode activated ?
-
-## MySQLTuner sort, join and temp table information
-* Max memory temporary table size allowed.
-* Percentage of sort using temporary table (<10%)
-* Number of join performed without using indexes (<250)
-* Percentage of temporary table written on disk(<25%)
-* Thread cache (=4)
-* Thread cache hit ratio (>50%) if thread_handling is different of pools-of-threads
-* Table cache hit ratio(>2°%)
-* Percentage of open file and open file limit(<85%)
-* Percentage of table locks (<95%)
-* Percentage of binlog cache lock (<90%)
-
-## MySQLTuner global buffer information
-
-* Key Buffer
-* Max Tmp Table
-* Per Thread Buffer
- * Read Buffer
- * Read RND Buffer
- * Sort Buffer
- * Thread stack
- * Join Buffer
- * Binlog Cache Buffers size if activated
-
-## MySQLTuner query cache checks
-
-* Is Query cache activated ?
- * Query Cache Buffers
- * Query Cache DISABLED, ALL REQUEST or ON DEMAND
- * Query Cache Size
- * Query cache hit ratio (cache efficiency)
-
-## MySQLTuner memory checks
-
-* Get total RAM/swap
-* Is there enough memory for max connections reached by MySQL ?
-* Is there enough memory for max connections allowed by MySQL ?
-* Max percentage of memory used(<85%)
-
-## MySQLTuner slow queries checks
-
-* Percentage of Slow queries (<5%)
-
-## MySQLTuner replication checks
-
-* Is server replication configured as slave ?
-* SQL replication thread running ?
-* IO replication thread running ?
-* Replication lag in seconds (Seconds_behind_master)
-* Is Slave configured in read only ?
-* replication type ROW, MIX, STMT
-* replication Semisync master
-* replication Semisync slave
-* XA support activated
-* replication started ?
-
-## MySQLTuner InnoDB information
-
-* InnoDB Buffer Pool Size
- * If possible, innodb_buffer_pool_size should be greater data and index size for Innodb Table
- * Innodb_buffer_pool_size should around 75 to 80 % of the available system memory.
-* InnoDB Buffer Pool Instances
- * MySQL needs 1 instance per 1Go of Buffer Pool
- * innodb_buffer_pool instances = round(innodb_buffer_pool_size / 1Go)
- * innodb_buffer_pool instances must be equals or lower than 64
-
- - A bug in MySQL 5.6 causes SHOW VARIABLES to report an innodb_buffer_pool_instances value of 8 when innodb_buffer_pool_size is less than 1GB and only one buffer pool instance is present (Bug #18343670).
-
-* InnoDB Buffer Pool Usage
- * If more than 20% of InnoDB buffer pool is not used, MySQLTuner raise an alert.
-* InnoDB Buffer Pool Log Size
- * InnoDB total log file size should be 25% of innodb_buffer_pool_size
-* InnoDB Read efficiency
- * Ratio of read without locks
-* InnoDB Write efficiency
- * Ratio of write without locks
-* InnoDB Log Waits
- * Checks that no lock is used on Innodb Log.
-* InnoDB Chunk Size
- * Check InnoDB Buffer Pool size is a multiple of InnoDB Buffer Pool chunk size * InnoDB Buffer Pool instances
-
-## MySQLTuner ARIADB information
-
-* Is Aria indexes size is greater than page cache size ?
-* Page cache read hit ratio (>95%)
-* Page cache write hit ratio (>95%)
-
-
-## MySQLTuner MYISAM information
-
-* Key buffer usage (>90%)
-* Is MyISAM indexes size is greater than key buffer size ?
-* Key buffer read hit ratio (>95%)
-* Key buffer write hit ratio (>95%)
-
-## MySQLTuner Galera information
-* wsrep_ready cluster is ready
-* wsrep_connected node is connected to other nodes
-* wsrep_cluster_name is defined.
-* wsrep_node_name is defined.
-* Check thet notification script wsrep_notify_cmd is defined
-* wsrep_cluster_status PRIMARY /NON PRIMARY.
- * PRIMARY : Coherent cluster
- * NO PRIMARY : cluster gets several states
-* wsrep_ local_state_comment: Node state
- * SYNCED (uptodate),
- * DONOR(sending information to another node)
- * Joiner(Try to reach cluster group)
- * SYNCED state able to read/write
-* wsrep_cluster_conf_id configuration level must be identical in all nodes
-* wsrep_slave_thread is between 3 or 4 times number of CPU core.
-* gcs.limit should be equal to wsrep_slave_threads * 5
-* gcs.fc_factor should be equal to 0.8
-* Flow control fraction should be lower than 0.02 (wsrep_flow_control_paused < 0.02)
-* wsrep_last_commited committed level must be identical in all nodes
-* Look for tables without primary keys
-* Look for non InnoDB tables for Galera
-* Variable innodb_flush_log_at_trx_commit should be set to 0.
-* Check that there is 3 or 5 members in Galera cluster.
-* Check that xtrabackup is used for SST method with wsrep_sst_method variable.
-* Check variables wsrep_OSU_method is defined to TOI for updates.
-* Check that there is no certification failures controlling wsrep_local_cert_failures status.
-
-## MySQLTuner TokuDB information
-
-* tokudb_cache_size
-* tokudb_directio
-* tokudb_empty_scan
-* tokudb_read_block_size
-* tokudb_commit_sync
-* tokudb_checkpointing_period
-* tokudb_block_size
-* tokudb_cleaner_iterations
-* tokudb_fanout
-
-## MySQLTuner XtraDB information
-
-* Nothing for the moment
-
-## MySQLTuner Connect information
-
-* Nothing for the moment
-
-## MySQLTuner Spider information
-
-* Nothing for the moment
-
-## MySQLTuner RocksDb information
-
-* Nothing for the moment
-
-## MySQLTuner Thread pool information
-
-* thread_pool_size between 16 to 36 for Innodb usage
-* thread_pool_size between 4 to 8 for MyIsam usage
-
-## MySQLTuner performance schema and sysschema information
-* Check that Performance schema is activated for 5.6+ version
-* Check that Performance schema is deactivated for 5.5- version
-* Check that Sys schema is installed
-* sys Schema version
-* Top user per connection
-* Top user per statement
-* Top user per statement latency
-* Top user per lock latency
-* Top user per full scans
-* Top user per row_sent
-* Top user per row modified
-* Top user per io
-* Top user per io latency
-* Top host per connection
-* Top host per statement
-* Top host per statement latency
-* Top host per lock latency
-* Top host per full scans
-* Top host per rows sent
-* Top host per rows modified
-* Top host per io
-* Top 5 host per io latency
-* Top IO type order by total io
-* Top IO type order by total latency
-* Top IO type order by max latency
-* Top Stages order by total io
-* Top Stages order by total latency
-* Top Stages order by avg latency
-* Top host per table scans
-* InnoDB Buffer Pool by schema
-* InnoDB Buffer Pool by table
-* Process per allocated memory
-* InnoDB Lock Waits
-* Threads IO Latency
-* High Cost SQL statements
-* Top 5% slower queries
-* Top 10 nb statement type
-* Top statement by total latency
-* Top statement by lock latency
-* Top statement by full scans
-* Top statement by rows sent
-* Top statement by rows modified
-* Use temporary tables
-* Unused Indexes
-* Full table scans
-* Latest file IO by latency
-* File by IO read bytes
-* File by IO written bytes
-* File per IO total latency
-* File per IO read latency
-* File per IO write latency
-* Event Wait by read bytes
-* Event Wait by write bytes
-* Event per wait total latency
-* Event per wait read latency
-* Event per wait write latency
-* TOP 15 most read indexes
-* TOP 15 most modified indexes
-* TOP 15 high select latency index
-* TOP 15 high insert latency index
-* TOP 15 high update latency index
-* TOP 15 high delete latency index
-* TOP 15 most read tables
-* TOP 15 most modified tables
-* TOP 15 high select latency tables
-* TOP 15 high insert latency tables
-* TOP 15 high update latency tables
-* TOP 15 high delete latency tables
-* Redundant indexes
-* Tables not using InnoDb buffer
-* Top 15 Tables using InnoDb buffer
-* Top 15 Tables with InnoDb buffer free
-* Top 15 Most executed queries
-* Latest SQL queries in errors or warnings
-* Top 20 queries with full table scans
-* TOP 15 reader queries (95% percentile)
-* TOP 15 row look queries (95% percentile)
-* TOP 15 total latency queries (95% percentile)
-* TOP 15 max latency queries (95% percentile)
-* TOP 15 average latency queries (95% percentile)
-* Top 20 queries with sort
-* Last 50 queries with sort
-* TOP 15 row sorting queries with sort
-* TOP 15 total latency queries with sort
-* TOP 15 merge queries with sort
-* TOP 15 average sort merges queries with sort
-* TOP 15 scans queries with sort
-* TOP 15 range queries with sort
-* Top 20 queries with temp table
-* Last 50 queries with temp table
-* TOP 15 total latency queries with temp table
-* TOP 15 queries with temp table to disk
-* TOP 15 class events by number
-* TOP 30 events by number
-* TOP 15 class events by total latency
-* TOP 30 events by total latency
-* TOP 15 class events by max latency
-* TOP 30 events by max latency
+## MySQLTuner Internals
+
+## Table of contents
+
+* [MySQLTuner steps](#mysqltuner-steps)
+* [Get login information steps](#mysqltuner-get-login-information-steps)
+* [System checks](#mysqltuner-system-checks)
+* [Server version checks](#mysqltuner-server-version-checks)
+* [Error log file checks](#mysql-error-log-file-analysis)
+* [MySQL Storage engine general information](#mysql-storage-engine-general-information)
+* [Security checks](#mysqltuner-security-checks)
+* [CVE checks](#mysqltuner-cve-checks)
+* [Database information](#mysqltuner-database-information)
+* [Index information](#mysqltuner-index-information)
+* [Connections information](#mysqltuner-connections-information)
+* [Server information](#mysqltuner-server-information)
+* [Sort, join and temp table information](#mysqltuner-sort-join-and-temp-table-information)
+* [Global buffer information](#mysqltuner-global-buffer-information)
+* [Query cache checks](#mysqltuner-query-cache-checks)
+* [Slow queries checks](#mysqltuner-slow-queries-checks)
+* [ThreadPool information](#mysqltuner-threadpool-information)
+* [Replication checks](#mysqltuner-replication-checks)
+* [InnoDB information](#mysqltuner-innodb-information)
+* [MYISAM information](#mysqltuner-myisam-information)
+* [ARIADB information](#mysqltuner-ariadb-information)
+* [XTRADB information](#mysqltuner-xtradb-information)
+* [TOKUDB information](#mysqltuner-tokudb-information)
+* [ROCKDB information](#mysqltuner-rockdb-information)
+* [CONNECT information](#mysqltuner-connect-information)
+* [SPIDER information](#mysqltuner-spider-information)
+* [GALERA information](#mysqltuner-galera-information)
+* [Performance Schema information](#mysqltuner-performance-schema-and-sysschema-information)
+
+## MySQLTuner steps
+
+* Header Print
+* Get login information
+* Set up some OS variables
+* Toss variables/status into hashes
+* Get information about the tuning connexion
+* Check current MySQL version
+* Suggest 64-bit upgrade
+* Analyze mysqld error log file
+* Show enabled storage engines
+* Show informations about databases (option: --dbstat)
+* Show informations about indexes (option: --idxstat)
+* Display some security recommendations
+* Calculate everything we need
+* Print the server stats
+* Print MyISAM stats
+* Print InnoDB stats
+* Print AriaDB stats
+* Print replication info
+* Make recommendations based on stats
+* Close reportfile if needed
+* Dump result if debug is on
+
+## MySQLTuner get login information steps
+
+* Is a login possible?
+ * Force socket?
+ * Remote connection?
+ * _Specifying available RAM is required_
+ * Got user/pass on command line?
+ * mysql-quickbackup credentials available?
+ * Plesk credentials available?
+ * DirectAdmin credentials available?
+ * Debian maintenance account credentials available?
+ * Just try a login
+ * If working, and .my.cnf isn't there, **WARNING**
+ * If working, and .my.cnf is there, okay
+ * Prompt for creds on the console
+
+## MySQLTuner system checks
+* 32-bit w/>2GB RAM check
+* Check number of opened ports (warning if more than 9 ports opened)
+* Check 80, 8080, 443 and 8443 ports if warning are raised if there are opened
+* Check if some banned ports are not opened (option --bannedports separated by comma)
+* Check if non kernel and user process except mysqld are not using more than 15% of total physical memory)
+* Check vm.swapiness
+* Check /etc/security/limit.conf
+* Check sysctl entries: sunrpc.tcp_slot_entries, vm.swappiness, fs.aio-fs-nr
+* Check mount point
+* Check Ethernet card
+* Check load average
+
+## MySQLTuner Server version checks
+* EOL MySQL version check
+* Currently MySQL < 5.1 are EOF considered.
+* Using 5.5+ version of MySQL for performance issue (asynchronous IO).
+
+## Mysql error log file analysis
+* Look for potential current error log file name
+* Check permission on error log file
+* Check size on error log file
+* Check error and warning on error log file
+* Find last start and shutdown on error log file
+
+## MySQL Storage engine general information
+
+* Get storage engine counts/stats
+ * Check for DB engines that are enabled but unused
+ * Look for fragmented tables
+ * Look for auto-increments near capacity
+ * Look for table with autoincrement with value near max capacity
+
+## MySQLTuner security checks
+
+* Is anonymous user present?
+* Users without passwords
+* Users w/username as password
+* Users w/o host restriction
+* Weak password check (possibly using cracklib later?)
+* Using basic_passwords.txt as password database
+* Password list checks can be avoid (option: --skippassword)
+
+## MySQLTuner CVE vulnerabilities detection
+
+* option: --cvefile
+* Check if your MariaDB or MySQL version contains CVE bulletins.
+
+## MySQLTuner database information
+* Performance analysis parameter checks
+* Per database information
+ * Tables number
+ * Rows number
+ * Total size
+ * Data size
+ * Percentage of data size
+ * Index size
+ * Percentage of index size
+ * Collation number
+ * Check that there is only one collation for all table in a database
+ * Check that there is only one collation for ll table columns in a database
+ * Check that there is only one storage engine per user database
+
+
+## MySQLTuner index information
+
+* Top 10 worth selectivity index
+* Per index information
+ * Index Cardinality
+ * Index Selectivity
+ * Misc information about index definition
+ * Misc information about index size
+
+## MySQLTuner Connections information
+
+* Highest usage of available connections
+* Percentage of used connections (<85%)
+* Percentage of aborted connections (<3%)
+
+## MySQLTuner server information
+
+* Uptime: If MySQL started within last 24 hours
+* Bytes received and sent
+* Number of connections
+* Percentage between reads and writes
+* Is binary log activated ?
+ * Is GTID mode activated ?
+
+## MySQLTuner sort, join and temp table information
+* Max memory temporary table size allowed.
+* Percentage of sort using temporary table (<10%)
+* Number of join performed without using indexes (<250)
+* Percentage of temporary table written on disk(<25%)
+* Thread cache (=4)
+* Thread cache hit ratio (>50%) if thread_handling is different of pools-of-threads
+* Table cache hit ratio(>2°%)
+* Table cache definition should be upper that total number of tables or in autoresizing mode
+* Percentage of open file and open file limit(<85%)
+* Percentage of table locks (<95%)
+* Percentage of binlog cache lock (<90%)
+
+## MySQLTuner global buffer information
+
+* Key Buffer
+* Max Tmp Table
+* Per Thread Buffer
+ * Read Buffer
+ * Read RND Buffer
+ * Sort Buffer
+ * Thread stack
+ * Join Buffer
+ * Binlog Cache Buffers size if activated
+
+## MySQLTuner query cache checks
+
+* Is Query cache activated ?
+ * Query Cache Buffers
+ * Query Cache DISABLED, ALL REQUEST or ON DEMAND
+ * Query Cache Size
+ * Query cache hit ratio (cache efficiency)
+
+## MySQLTuner memory checks
+
+* Get total RAM/swap
+* Is there enough memory for max connections reached by MySQL ?
+* Is there enough memory for max connections allowed by MySQL ?
+* Max percentage of memory used(<85%)
+
+## MySQLTuner slow queries checks
+
+* Percentage of Slow queries (<5%)
+
+## MySQLTuner replication checks
+
+* Is server replication configured as slave ?
+* SQL replication thread running ?
+* IO replication thread running ?
+* Replication lag in seconds (Seconds_behind_master)
+* Is Slave configured in read only ?
+* replication type ROW, MIX, STMT
+* replication Semisync master
+* replication Semisync slave
+* XA support activated
+* replication started ?
+
+## MySQLTuner InnoDB information
+
+* InnoDB Buffer Pool Size
+ * If possible, innodb_buffer_pool_size should be greater data and index size for Innodb Table
+ * Innodb_buffer_pool_size should around 75 to 80 % of the available system memory.
+* InnoDB Buffer Pool Instances
+ * MySQL needs 1 instance per 1Go of Buffer Pool
+ * innodb_buffer_pool instances = round(innodb_buffer_pool_size / 1Go)
+ * innodb_buffer_pool instances must be equals or lower than 64
+
+ - A bug in MySQL 5.6 causes SHOW VARIABLES to report an innodb_buffer_pool_instances value of 8 when innodb_buffer_pool_size is less than 1GB and only one buffer pool instance is present (Bug #18343670).
+
+* InnoDB Buffer Pool Usage
+ * If more than 20% of InnoDB buffer pool is not used, MySQLTuner raise an alert.
+* InnoDB Buffer Pool Log Size
+ * InnoDB total log file size should be 25% of innodb_buffer_pool_size
+* InnoDB Read efficiency
+ * Ratio of read without locks
+* InnoDB Write efficiency
+ * Ratio of write without locks
+* InnoDB Log Waits
+ * Checks that no lock is used on Innodb Log.
+* InnoDB Chunk Size
+ * Check InnoDB Buffer Pool size is a multiple of InnoDB Buffer Pool chunk size * InnoDB Buffer Pool instances
+
+## MySQLTuner ARIADB information
+
+* Is Aria indexes size is greater than page cache size ?
+* Page cache read hit ratio (>95%)
+* Page cache write hit ratio (>95%)
+
+
+## MySQLTuner MYISAM information
+
+* Key buffer usage (>90%)
+* Is MyISAM indexes size is greater than key buffer size ?
+* Key buffer read hit ratio (>95%)
+* Key buffer write hit ratio (>95%)
+
+## MySQLTuner Galera information
+* wsrep_ready cluster is ready
+* wsrep_connected node is connected to other nodes
+* wsrep_cluster_name is defined.
+* wsrep_node_name is defined.
+* Check thet notification script wsrep_notify_cmd is defined
+* wsrep_cluster_status PRIMARY /NON PRIMARY.
+ * PRIMARY : Coherent cluster
+ * NO PRIMARY : cluster gets several states
+* wsrep_ local_state_comment: Node state
+ * SYNCED (uptodate),
+ * DONOR(sending information to another node)
+ * Joiner(Try to reach cluster group)
+ * SYNCED state able to read/write
+* wsrep_cluster_conf_id configuration level must be identical in all nodes
+* wsrep_slave_thread is between 3 or 4 times number of CPU core.
+* gcs.limit should be equal to wsrep_slave_threads * 5
+* gcs.fc_factor should be equal to 0.8
+* Flow control fraction should be lower than 0.02 (wsrep_flow_control_paused < 0.02)
+* wsrep_last_commited committed level must be identical in all nodes
+* Look for tables without primary keys
+* Look for non InnoDB tables for Galera
+* Variable innodb_flush_log_at_trx_commit should be set to 0.
+* Check that there is 3 or 5 members in Galera cluster.
+* Check that xtrabackup is used for SST method with wsrep_sst_method variable.
+* Check variables wsrep_OSU_method is defined to TOI for updates.
+* Check that there is no certification failures controlling wsrep_local_cert_failures status.
+
+## MySQLTuner TokuDB information
+
+* tokudb_cache_size
+* tokudb_directio
+* tokudb_empty_scan
+* tokudb_read_block_size
+* tokudb_commit_sync
+* tokudb_checkpointing_period
+* tokudb_block_size
+* tokudb_cleaner_iterations
+* tokudb_fanout
+
+## MySQLTuner XtraDB information
+
+* Nothing for the moment
+
+## MySQLTuner Connect information
+
+* Nothing for the moment
+
+## MySQLTuner Spider information
+
+* Nothing for the moment
+
+## MySQLTuner RocksDb information
+
+* Nothing for the moment
+
+## MySQLTuner Thread pool information
+
+* thread_pool_size between 16 to 36 for Innodb usage
+* thread_pool_size between 4 to 8 for MyIsam usage
+
+## MySQLTuner performance schema and sysschema information
+* Check that Performance schema is activated for 5.6+ version
+* Check that Performance schema is deactivated for 5.5- version
+* Check that Sys schema is installed
+* sys Schema version
+* Top user per connection
+* Top user per statement
+* Top user per statement latency
+* Top user per lock latency
+* Top user per full scans
+* Top user per row_sent
+* Top user per row modified
+* Top user per io
+* Top user per io latency
+* Top host per connection
+* Top host per statement
+* Top host per statement latency
+* Top host per lock latency
+* Top host per full scans
+* Top host per rows sent
+* Top host per rows modified
+* Top host per io
+* Top 5 host per io latency
+* Top IO type order by total io
+* Top IO type order by total latency
+* Top IO type order by max latency
+* Top Stages order by total io
+* Top Stages order by total latency
+* Top Stages order by avg latency
+* Top host per table scans
+* InnoDB Buffer Pool by schema
+* InnoDB Buffer Pool by table
+* Process per allocated memory
+* InnoDB Lock Waits
+* Threads IO Latency
+* High Cost SQL statements
+* Top 5% slower queries
+* Top 10 nb statement type
+* Top statement by total latency
+* Top statement by lock latency
+* Top statement by full scans
+* Top statement by rows sent
+* Top statement by rows modified
+* Use temporary tables
+* Unused Indexes
+* Full table scans
+* Latest file IO by latency
+* File by IO read bytes
+* File by IO written bytes
+* File per IO total latency
+* File per IO read latency
+* File per IO write latency
+* Event Wait by read bytes
+* Event Wait by write bytes
+* Event per wait total latency
+* Event per wait read latency
+* Event per wait write latency
+* TOP 15 most read indexes
+* TOP 15 most modified indexes
+* TOP 15 high select latency index
+* TOP 15 high insert latency index
+* TOP 15 high update latency index
+* TOP 15 high delete latency index
+* TOP 15 most read tables
+* TOP 15 most modified tables
+* TOP 15 high select latency tables
+* TOP 15 high insert latency tables
+* TOP 15 high update latency tables
+* TOP 15 high delete latency tables
+* Redundant indexes
+* Tables not using InnoDb buffer
+* Top 15 Tables using InnoDb buffer
+* Top 15 Tables with InnoDb buffer free
+* Top 15 Most executed queries
+* Latest SQL queries in errors or warnings
+* Top 20 queries with full table scans
+* TOP 15 reader queries (95% percentile)
+* TOP 15 row look queries (95% percentile)
+* TOP 15 total latency queries (95% percentile)
+* TOP 15 max latency queries (95% percentile)
+* TOP 15 average latency queries (95% percentile)
+* Top 20 queries with sort
+* Last 50 queries with sort
+* TOP 15 row sorting queries with sort
+* TOP 15 total latency queries with sort
+* TOP 15 merge queries with sort
+* TOP 15 average sort merges queries with sort
+* TOP 15 scans queries with sort
+* TOP 15 range queries with sort
+* Top 20 queries with temp table
+* Last 50 queries with temp table
+* TOP 15 total latency queries with temp table
+* TOP 15 queries with temp table to disk
+* TOP 15 class events by number
+* TOP 30 events by number
+* TOP 15 class events by total latency
+* TOP 30 events by total latency
+* TOP 15 class events by max latency
+* TOP 30 events by max latency
diff --git a/README.fr.md b/README.fr.md
index 8bef63d..09fe27e 100644
--- a/README.fr.md
+++ b/README.fr.md
@@ -1,236 +1,236 @@
-MySQLTuner-perl
-====
-[](https://travis-ci.org/major/MySQLTuner-perl)
-[](http://opensource.box.com/badges)
-[](http://opensource.box.com/badges)
-[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
-[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
-[](https://opensource.org/licenses/GPL-3.0/)
-
-**MySQLTuner** est un script écrit en Perl qui permet d'effectuer une revue de configuration pour MySQL/MAriaDB/PerconaDB rapidement et propose des ajustements pour améliorer la performance et la stabilité du serveur. L'état des variables et statuts est analysé et présenté de manière synthétique et structurée ainsi que plusieurs suggestions basiques concernant la performance.
-
-**MySQLTuner** supporte dans a dernière version plus de ~300 indicators pour MySQL/MariaDB/Percona Server.
-
-**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as , , , Linux OS metrics, , , , ...
-
-You can found more details on this indicators
-.
-
-
-
-
-MySQLTuner needs you:
-===
-
-**MySQLTuner** needs contributors for documentation, code and feedbacks..
-
-* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues)</a>.
-* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
-* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
-
-Compatibility:
-====
-
-* MySQL 5.7 (full support)
-* MySQL 5.6 (full support)
-* MySQL 5.5 (full support)
-* MariaDB 10.1 (full support)
-* MariaDB 10.0 (full support)
-* Percona Server 5.6 (full support)
-* Percona XtraDB cluster (full support)
-* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version)
-* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package)
-* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants)
-* Windows is not supported at this time (Help wanted !!!!!)
-* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1)
-* CVE vulnerabilites detection support from [https://cve.mitre.org](https://cve.mitre.org)
-
-***WARNING***
---
-It is **extremely important** for you to fully understand each change
-you make to a MySQL database server. If you don't understand portions
-of the script's output, or if you don't understand the recommendations,
-**you should consult** a knowledgeable DBA or system administrator
-that you trust. **Always** test your changes on staging environments, and
-always keep in mind that improvements in one area can **negatively affect**
-MySQL in other areas.
-
-**Seriously - please review the FAQ section below.**
-
-What MySQLTuner is checking exactly ?
---
-All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation.
-
-Download/Installation
---
-
-You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is:
-
- wget http://mysqltuner.pl/ -O mysqltuner.pl
- wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
- wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
- perl mysqltuner.pl
-
-Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly.
-
-Specific usage
---
-
-__Usage:__ Minimal usage locally
-
- perl mysqltuner.pl
-
-__Usage:__ Minimal usage remotely
-
- perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
-
-__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
-
- perl mysqltuner.pl --verbose
- perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
-
-
-__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version
-
- perl mysqltuner.pl --cvefile=vulnerabilities.csv
-
-__Usage:__ Write your result in a file with information displayed
-
- perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
-
-__Usage:__ Write your result in a file **without outputting information**
-
- perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
-
-__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax.
-
- perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
-
-__Usage:__ Enable debugging information
-
- perl mysqltuner.pl --debug
-
-FAQ
---
-
-**Question: Will MySQLTuner fix my slow MySQL server?**
-
-**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
-
-**Question: Can I fire my DBA now?**
-
-**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call.
-
-**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?**
-
-The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains:
-
- [client]
- user=someusername
- pass=thatuserspassword
-
-Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option.
-
-**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?**
-
-You could use mysql_config_editor utilities.
-
- $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
- Enter passord: ********
- $
-
-At this time, ~/.mylogin.cnf has been written with appropriated rigth access.
-
-To get information about stored credentials, use the following command:
-
- $mysql_config_editor print
- [client]
- user = someusername
- password = *****
- host = localhost
-
-**Question: What's minimum privileges needed by a specific mysqltuner user in database ?**
-
- mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234;
-
-**Question: It's not working on my OS! What gives?!**
-
-These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly:
-
-* OS and OS version
-* Architecture (x86, x86_64, IA64, Commodore 64)
-* Exact MySQL version
-* Where you obtained your MySQL version (OS package, source, etc)
-* The full text of the error
-* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible)
-
-**Question: How to perform a CVE vulneralibity checks ?**
-
-* Download vulnerabilities.csv from this repository.
-* use option --cvefile to perform CVE checks
-
-**Question: How to use mysqltuner from remote host ?**
-Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
-
-* You will still have to connect like a mysql client:
-
-Connection and Authentication
-
- --host <hostname> Connect to a remote host to perform tests (default: localhost)
- --socket <socket> Use a different socket for a local connection
- --port <port> Port to use for connection (default: 3306)
- --user <username> Username to use for authentication
- --pass <password> Password to use for authentication
- --defaults-file <path> defaulfs file for credentials
-
-Since you are using a remote host, use parameters to supply values from the OS
-
- --forcemem <size> Amount of RAM installed in megabytes
- --forceswap <size> Amount of swap memory configured in megabytes
-
-* You may have to contact your remote SysAdmin to ask how much RAM and swap you have
-
-If the database has too many tables, or very large table, use this:
-
- --skipsize Don't enumerate tables and their types/sizes (default: on)
- (Recommended for servers with many tables)
-
-MySQLTuner and Vagrant
---
-**MySQLTuner** contains following Vagrant configurations:
-* Fedora Core 23 / MariaDB 10.0
-* Fedora Core 23 / MariaDB 10.1
-* Fedora Core 23 / MySQL 5.6
-* Fedora Core 23 / MySQL 5.7
-
-**Vagrant File** are stored in Vagrant subdirectory.
-* Follow this 2 steps after vagrant installation:
-* Rename VagrantFile_for_Mxxx into Vagrantfile
-* vagrant up
-
-**MySQLTuner** contains a Vagrant configurations for test purpose and development
-* Install VirtualBox and Vagrant
- * https://www.virtualbox.org/wiki/Downloads
- * https://www.vagrantup.com/downloads.html
-* Clone repository
- * git clone https://github.com/major/MySQLTuner-perl.git
-* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest
- * vagrant plugin install vagrant-hostmanager
- * vagrant plugin install vagrant-vbguest
-* Add Fedora Core 23 box for official Fedora Download Website
- * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box
-* Create a data directory
- * mkdir data
-* Rename Vagrantfile_MariaDB10.0 into Vagrantfile
- * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile
-* Start vagrant
- * vagrant up
-
-MySQLTuner a besoin de vous
---
-**MySQLTuner** a besoin de contributeurs pour la documentation, le code, des tests et des retours d'expérience.
-
-* Rejoignez-nous sur le suivi de ticket à [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues)</a>.
-* Le guide de contribution en anglais est disponible ici [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
-* Ajouter une étoile à **MySQLTuner project** ici [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
-
+MySQLTuner-perl
+====
+[](https://travis-ci.org/major/MySQLTuner-perl)
+[](http://opensource.box.com/badges)
+[](http://opensource.box.com/badges)
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
+[](https://opensource.org/licenses/GPL-3.0/)
+
+**MySQLTuner** est un script écrit en Perl qui permet d'effectuer une revue de configuration pour MySQL/MAriaDB/PerconaDB rapidement et propose des ajustements pour améliorer la performance et la stabilité du serveur. L'état des variables et statuts est analysé et présenté de manière synthétique et structurée ainsi que plusieurs suggestions basiques concernant la performance.
+
+**MySQLTuner** supporte dans a dernière version plus de ~300 indicators pour MySQL/MariaDB/Percona Server.
+
+**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as , , , Linux OS metrics, , , , ...
+
+You can found more details on this indicators
+.
+
+
+
+
+MySQLTuner needs you:
+===
+
+**MySQLTuner** needs contributors for documentation, code and feedbacks..
+
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues)</a>.
+* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+
+Compatibility:
+====
+
+* MySQL 5.7 (full support)
+* MySQL 5.6 (full support)
+* MySQL 5.5 (full support)
+* MariaDB 10.1 (full support)
+* MariaDB 10.0 (full support)
+* Percona Server 5.6 (full support)
+* Percona XtraDB cluster (full support)
+* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version)
+* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package)
+* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants)
+* Windows is not supported at this time (Help wanted !!!!!)
+* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1)
+* CVE vulnerabilites detection support from [https://cve.mitre.org](https://cve.mitre.org)
+
+***WARNING***
+--
+It is **extremely important** for you to fully understand each change
+you make to a MySQL database server. If you don't understand portions
+of the script's output, or if you don't understand the recommendations,
+**you should consult** a knowledgeable DBA or system administrator
+that you trust. **Always** test your changes on staging environments, and
+always keep in mind that improvements in one area can **negatively affect**
+MySQL in other areas.
+
+**Seriously - please review the FAQ section below.**
+
+What MySQLTuner is checking exactly ?
+--
+All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation.
+
+Download/Installation
+--
+
+You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is:
+
+ wget http://mysqltuner.pl/ -O mysqltuner.pl
+ wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
+ wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
+ perl mysqltuner.pl
+
+Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly.
+
+Specific usage
+--
+
+__Usage:__ Minimal usage locally
+
+ perl mysqltuner.pl
+
+__Usage:__ Minimal usage remotely
+
+ perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
+
+__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
+
+ perl mysqltuner.pl --verbose
+ perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
+
+
+__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version
+
+ perl mysqltuner.pl --cvefile=vulnerabilities.csv
+
+__Usage:__ Write your result in a file with information displayed
+
+ perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
+
+__Usage:__ Write your result in a file **without outputting information**
+
+ perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
+
+__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax.
+
+ perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
+
+__Usage:__ Enable debugging information
+
+ perl mysqltuner.pl --debug
+
+FAQ
+--
+
+**Question: Will MySQLTuner fix my slow MySQL server?**
+
+**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
+
+**Question: Can I fire my DBA now?**
+
+**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call.
+
+**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?**
+
+The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains:
+
+ [client]
+ user=someusername
+ pass=thatuserspassword
+
+Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option.
+
+**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?**
+
+You could use mysql_config_editor utilities.
+
+ $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
+ Enter passord: ********
+ $
+
+At this time, ~/.mylogin.cnf has been written with appropriated rigth access.
+
+To get information about stored credentials, use the following command:
+
+ $mysql_config_editor print
+ [client]
+ user = someusername
+ password = *****
+ host = localhost
+
+**Question: What's minimum privileges needed by a specific mysqltuner user in database ?**
+
+ mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234;
+
+**Question: It's not working on my OS! What gives?!**
+
+These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly:
+
+* OS and OS version
+* Architecture (x86, x86_64, IA64, Commodore 64)
+* Exact MySQL version
+* Where you obtained your MySQL version (OS package, source, etc)
+* The full text of the error
+* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible)
+
+**Question: How to perform a CVE vulneralibity checks ?**
+
+* Download vulnerabilities.csv from this repository.
+* use option --cvefile to perform CVE checks
+
+**Question: How to use mysqltuner from remote host ?**
+Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
+
+* You will still have to connect like a mysql client:
+
+Connection and Authentication
+
+ --host <hostname> Connect to a remote host to perform tests (default: localhost)
+ --socket <socket> Use a different socket for a local connection
+ --port <port> Port to use for connection (default: 3306)
+ --user <username> Username to use for authentication
+ --pass <password> Password to use for authentication
+ --defaults-file <path> defaulfs file for credentials
+
+Since you are using a remote host, use parameters to supply values from the OS
+
+ --forcemem <size> Amount of RAM installed in megabytes
+ --forceswap <size> Amount of swap memory configured in megabytes
+
+* You may have to contact your remote SysAdmin to ask how much RAM and swap you have
+
+If the database has too many tables, or very large table, use this:
+
+ --skipsize Don't enumerate tables and their types/sizes (default: on)
+ (Recommended for servers with many tables)
+
+MySQLTuner and Vagrant
+--
+**MySQLTuner** contains following Vagrant configurations:
+* Fedora Core 23 / MariaDB 10.0
+* Fedora Core 23 / MariaDB 10.1
+* Fedora Core 23 / MySQL 5.6
+* Fedora Core 23 / MySQL 5.7
+
+**Vagrant File** are stored in Vagrant subdirectory.
+* Follow this 2 steps after vagrant installation:
+* Rename VagrantFile_for_Mxxx into Vagrantfile
+* vagrant up
+
+**MySQLTuner** contains a Vagrant configurations for test purpose and development
+* Install VirtualBox and Vagrant
+ * https://www.virtualbox.org/wiki/Downloads
+ * https://www.vagrantup.com/downloads.html
+* Clone repository
+ * git clone https://github.com/major/MySQLTuner-perl.git
+* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest
+ * vagrant plugin install vagrant-hostmanager
+ * vagrant plugin install vagrant-vbguest
+* Add Fedora Core 23 box for official Fedora Download Website
+ * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box
+* Create a data directory
+ * mkdir data
+* Rename Vagrantfile_MariaDB10.0 into Vagrantfile
+ * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile
+* Start vagrant
+ * vagrant up
+
+MySQLTuner a besoin de vous
+--
+**MySQLTuner** a besoin de contributeurs pour la documentation, le code, des tests et des retours d'expérience.
+
+* Rejoignez-nous sur le suivi de ticket à [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues)</a>.
+* Le guide de contribution en anglais est disponible ici [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Ajouter une étoile à **MySQLTuner project** ici [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+
diff --git a/README.md b/README.md
index 21a4a79..4703f33 100644
--- a/README.md
+++ b/README.md
@@ -1,304 +1,448 @@
-MySQLTuner-perl
-====
-[](https://travis-ci.org/major/MySQLTuner-perl)
-[](http://opensource.box.com/badges)
-[](http://opensource.box.com/badges)
-[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
-[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
-[](https://opensource.org/licenses/GPL-3.0/)
-
-**MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions.
-
-**MySQLTuner** supports ~300 indicators for MySQL/MariaDB/Percona Server in this last version.
-
-**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration such as [Galera Cluster](http://galeracluster.com/), [TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), [Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, [InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), [MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), [Aria](https://mariadb.com/kb/en/mariadb/aria/), ...
-
-You can find more details on these indicators here:
-[Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md).
-
-
-
-
-MySQLTuner needs you:
-===
-
-**MySQLTuner** needs contributors for documentation, code and feedback..
-
-* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
-* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
-* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
-## Stargazers over time
-
-[](https://starcharts.herokuapp.com/major/MySQLTuner-perl)
-
-Compatibility
-====
-Test result are available here: [Travis CI/MySQLTuner-perl](https://travis-ci.org/major/MySQLTuner-perl)
-* MySQL 8 (partial support, password checks don't work)
-* MySQL 5.7 (full support)
-* MySQL 5.6 (full support)
-* MariaDB 10.3 (full support)
-* MariaDB 10.2 (full support)
-* MariaDB 10.1 (full support)
-* MariaDB 10.0 (full support, 6 last month support)
-* Percona Server 5.7 (full support)
-* Percona Server 5.6 (full support)
-* Percona XtraDB cluster (full support)
-* MySQL 3.23, 4.0, 4.1, 5.0, 5.1, 5.5 (partial support - deprecated version)
-* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package)
-* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants)
-* Windows is not supported at this time (Help wanted !!!!!)
-* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1)
-* CVE vulnerabilities detection support from [https://cve.mitre.org](https://cve.mitre.org)
-
-***WARNING***
---
-It is **extremely important** for you to fully understand each change
-you make to a MySQL database server. If you don't understand portions
-of the script's output, or if you don't understand the recommendations,
-**you should consult** a knowledgeable DBA or system administrator
-that you trust. **Always** test your changes on staging environments, and
-always keep in mind that improvements in one area can **negatively affect**
-MySQL in other areas.
-
-It's **also important** to wait at least a day of uptime to get accurate results. In fact, running
-**mysqltuner** on a fresh restarted server is completely useless.
-
-**Seriously - please review the FAQ section below.**
-
-
-Security recommendations
---
-
-Hi directadmin user!
-We detected that you run mysqltuner with da_admin's credentials taken from `/usr/local/directadmin/conf/my.cnf`, which might bring to a password discovery!
-Read link for more details [Issue #289](https://github.com/major/MySQLTuner-perl/issues/289).
-
-What MySQLTuner is checking exactly ?
---
-All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation.
-
-Download/Installation
---
-
-Choose one of these methods:
-
-1) Script direct download (the simplest and shortest method):
-
-```
-wget http://mysqltuner.pl/ -O mysqltuner.pl
-wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
-wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
-```
-
-2) You can download the entire repository by using `git clone` or `git clone --depth 1 -b master` followed by the cloning URL above.
-
-Optional Sysschema installation for MySQL 5.6
---
-
-Sysschema is installed by default under MySQL 5.7 and MySQL 8 from Oracle.
-By default, on MySQL 5.6/5.7/8, performance schema is enabled by default.
-For previous 5.6 version, you can follow this command to create a new database sys containing very useful view on Performance schema:
-
- curl "https://codeload.github.com/mysql/mysql-sys/zip/master" > sysschema.zip
- # check zip file
- unzip -l sysschema.zip
- unzip sysschema.zip
- cd mysql-sys-master
- mysql -uroot -p < sys_56.sql
-
-Optional Performance schema and Sysschema installation for MariaDB 10.x
---
-
-Sysschema is not installed by default under MariaDB 10.x.
-By default, on MariaDB, performance schema is disabled by default. consider activating performance schema across your my.cnf configuration file:
-
- [mysqld]
- performance_schema = on
-
-You can follow this command to create a new database sys containing very useful view on Performance schema:
-
- curl "https://codeload.github.com/FromDual/mariadb-sys/zip/master" > mariadb-sys.zip
- # check zip file
- unzip -l mariadb-sys.zip
- unzip mariadb-sys.zip
- cd mariadb-sys-master/
- mysql -u root -p < ./sys_10.sql
-
-Errors & solutions for performance schema installation
-
- ERROR at line 21: Failed to open file './tables/sys_config_data_10.sql -- ported', error: 2
- Have a look at #452 solution given by @ericx
-
-Performance tips
---
-Metadata statistic updates can impact strongly performance of database servers and MySQLTuner.
-Be sure that innodb_stats_on_metadata is disabled.
-
- set global innodb_stats_on_metadata = 0;
-
-Specific usage
---
-
-__Usage:__ Minimal usage locally
-
- perl mysqltuner.pl --host 127.0.0.1
-
-Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly.
-
-__Usage:__ Minimal usage remotely
-
- perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
-
-__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
-
- perl mysqltuner.pl --verbose
- perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat --tbstat
-
-
-__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version
-
- perl mysqltuner.pl --cvefile=vulnerabilities.csv
-
-__Usage:__ Write your result in a file with information displayed
-
- perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
-
-__Usage:__ Write your result in a file **without outputting information**
-
- perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
-
-__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax.
-
- perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
-
-__Usage:__ Enable debugging information
-
- perl mysqltuner.pl --debug
-
-FAQ
---
-
-**Question: Will MySQLTuner fix my slow MySQL server?**
-
-**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations for improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
-
-**Question: Can I fire my DBA now?**
-
-**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call.
-
-**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?**
-
-The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains:
-
- [client]
- user=someusername
- password=thatuserspassword
-
-Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option.
-
-**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?**
-
-You could use mysql_config_editor utilities.
-~~~bash
- $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
- Enter password: ********
-~~~
-After which, `~/.mylogin.cnf` will be created with the appropriate access.
-
-To get information about stored credentials, use the following command:
-
- $mysql_config_editor print
- [client]
- user = someusername
- password = *****
- host = localhost
-
-**Question: What's minimum privileges needed by a specific mysqltuner user in database ?**
-
- mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* TO 'mysqltuner'@'localhost' identified by pwd1234;
-
-**Question: It's not working on my OS! What gives?!**
-
-These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly:
-
-* OS and OS version
-* Architecture (x86, x86_64, IA64, Commodore 64)
-* Exact MySQL version
-* Where you obtained your MySQL version (OS package, source, etc)
-* The full text of the error
-* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible)
-
-**Question: How to perform CVE vulnerability checks?**
-
-* Download vulnerabilities.csv from this repository.
-* use option --cvefile to perform CVE checks
-
-**Question: How to use mysqltuner from a remote host?**
-Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
-
-* You will still have to connect like a mysql client:
-
-Connection and Authentication
-
- --host <hostname> Connect to a remote host to perform tests (default: localhost)
- --socket <socket> Use a different socket for a local connection
- --port <port> Port to use for connection (default: 3306)
- --user <username> Username to use for authentication
- --pass <password> Password to use for authentication
- --defaults-file <path> defaults file for credentials
-
-Since you are using a remote host, use parameters to supply values from the OS
-
- --forcemem <size> Amount of RAM installed in megabytes
- --forceswap <size> Amount of swap memory configured in megabytes
-
-* You may have to contact your remote SysAdmin to ask how much RAM and swap you have
-
-If the database has too many tables, or very large table, use this:
-
- --skipsize Don't enumerate tables and their types/sizes (default: on)
- (Recommended for servers with many tables)
-
-**Question: Can I install this project using homebrew on Apple Macintosh?**
-
-Yes! `brew install mysqltuner` can be used to install this application using [homebrew](https://brew.sh/) on Apple Macintosh.
-
-MySQLTuner and Vagrant
---
-**MySQLTuner** contains following Vagrant configurations:
-* Fedora Core 23 / MariaDB 10.0
-* Fedora Core 23 / MariaDB 10.1
-* Fedora Core 23 / MySQL 5.6
-* Fedora Core 23 / MySQL 5.7
-
-**Vagrant File** are stored in Vagrant subdirectory.
-* Follow this 2 steps after vagrant installation:
-* Rename VagrantFile_for_Mxxx into Vagrantfile
-* vagrant up
-
-**MySQLTuner** contains a Vagrant configurations for test purpose and development
-* Install VirtualBox and Vagrant
- * https://www.virtualbox.org/wiki/Downloads
- * https://www.vagrantup.com/downloads.html
-* Clone repository
- * git clone https://github.com/major/MySQLTuner-perl.git
-* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest
- * vagrant plugin install vagrant-hostmanager
- * vagrant plugin install vagrant-vbguest
-* Add Fedora Core 23 box for official Fedora Download Website
- * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box
-* Create a data directory
- * mkdir data
-* Rename Vagrantfile_MariaDB10.0 into Vagrantfile
- * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile
-* Start vagrant
- * vagrant up
-
-MySQLTuner needs you
---
-**MySQLTuner** needs contributors for documentation, code and feedback..
-
-* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
-* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
-* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+
+====
+[](https://travis-ci.org/major/MySQLTuner-perl)
+[](http://opensource.box.com/badges)
+[](http://opensource.box.com/badges)
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
+[](https://opensource.org/licenses/GPL-3.0/)
+
+**MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions.
+
+**MySQLTuner** supports ~300 indicators for MySQL/MariaDB/Percona Server in this last version.
+
+**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration such as [Galera Cluster](http://galeracluster.com/), [TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), [Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, [InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), [MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), [Aria](https://mariadb.com/kb/en/mariadb/aria/), ...
+
+You can find more details on these indicators here:
+[Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md).
+
+
+
+
+MySQLTuner needs you:
+===
+
+**MySQLTuner** needs contributors for documentation, code and feedback..
+
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+* Paid support for Releem available here: [Releem App](https://releem.com/)
+
+## Stargazers over time
+
+[](https://starcharts.herokuapp.com/major/MySQLTuner-perl)
+
+Compatibility
+====
+Test result are available here: [Travis CI/MySQLTuner-perl](https://travis-ci.org/major/MySQLTuner-perl)
+* MySQL 8.0 (partial support, password checks don't work)
+* Percona Server 8.0 (partial support, password checks don't work)
+* MySQL 5.7 (full support)
+* Percona Server 5.7 (full support)
+* MariaDB 10.6 (full support)
+* MariaDB 10.5 (full support)
+* MariaDB 10.4 (full support)
+* MariaDB 10.3 (full support)
+* Galera replication (full support)
+* Percona XtraDB cluster (full support)
+* Mysql Replications (partial support, no test environment)
+
+* MySQL 5.6 (no support, deprecated version)
+* Percona Server 5.6 (no support, deprecated version)
+* MySQL 5.5 (no support, deprecated version)
+* MariaDB 5.5 (no support, deprecated version)
+* MariaDB 10.2 (no support, deprecated version)
+* MariaDB 10.1 (no support, deprecated version)
+* MariaDB 10.0 (no support, deprecated version)
+* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (no support - deprecated version)
+
+*** Windows Support is partial ***
+* Windows is now supported at this time
+* Successfully run MySQLtuner across WSL2 (Windows Subsystem Linux )
+* [https://docs.microsoft.com/en-us/windows/wsl/](https://docs.microsoft.com/en-us/windows/wsl/)
+
+*** UNSUPPORTED ENVIRONMENTS - NEED HELP FOR THAT :) ***
+* Cloud based is not supported at this time (Help wanted !!!!! GCP, AWS, Azure support asked)
+
+*** Unsupported storage engines: PRs welcome ***
+* NDB is not supported feel free to Pull Request code :)
+* MyISAM is to old is no longer active
+* RockDB
+* Archive
+* Spider
+* ColummStore
+* TokuDB
+* XtraDB
+* Connect
+
+* CVE vulnerabilities detection support from [https://cve.mitre.org](https://cve.mitre.org)
+
+*** MINIMAL REQUIREMENTS ***
+
+* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package)
+* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants)
+* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1)
+
+***WARNING***
+--
+It is **extremely important** for you to fully understand each change
+you make to a MySQL database server. If you don't understand portions
+of the script's output, or if you don't understand the recommendations,
+**you should consult** a knowledgeable DBA or system administrator
+that you trust. **Always** test your changes on staging environments, and
+always keep in mind that improvements in one area can **negatively affect**
+MySQL in other areas.
+
+It's **also important** to wait at least a day of uptime to get accurate results. In fact, running
+**mysqltuner** on a fresh restarted server is completely useless.
+
+**Seriously - please review the FAQ section below.**
+
+
+Security recommendations
+--
+
+Hi directadmin user!
+We detected that you run mysqltuner with da_admin's credentials taken from `/usr/local/directadmin/conf/my.cnf`, which might bring to a password discovery!
+Read link for more details [Issue #289](https://github.com/major/MySQLTuner-perl/issues/289).
+
+What MySQLTuner is checking exactly ?
+--
+All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation.
+
+Download/Installation
+--
+
+Choose one of these methods:
+
+1) Script direct download (the simplest and shortest method):
+
+```
+wget http://mysqltuner.pl/ -O mysqltuner.pl
+wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
+wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
+```
+
+2) You can download the entire repository by using `git clone` or `git clone --depth 1 -b master` followed by the cloning URL above.
+
+Optional Sysschema installation for MySQL 5.6
+--
+
+Sysschema is installed by default under MySQL 5.7 and MySQL 8 from Oracle.
+By default, on MySQL 5.6/5.7/8, performance schema is enabled by default.
+For previous MySQL 5.6 version, you can follow this command to create a new database sys containing very useful view on Performance schema:
+
+ curl "https://codeload.github.com/mysql/mysql-sys/zip/master" > sysschema.zip
+ # check zip file
+ unzip -l sysschema.zip
+ unzip sysschema.zip
+ cd mysql-sys-master
+ mysql -uroot -p < sys_56.sql
+
+Optional Performance schema and Sysschema installation for MariaDB 10.x
+--
+
+Sysschema is not installed by default under MariaDB prior to 10.6
+By default, on MariaDB, performance schema is disabled by default. consider activating performance schema across your my.cnf configuration file:
+
+ [mysqld]
+ performance_schema = on
+
+You can follow this command to create a new database sys containing very useful view on Performance schema:
+
+ curl "https://codeload.github.com/FromDual/mariadb-sys/zip/master" > mariadb-sys.zip
+ # check zip file
+ unzip -l mariadb-sys.zip
+ unzip mariadb-sys.zip
+ cd mariadb-sys-master/
+ mysql -u root -p < ./sys_10.sql
+
+Errors & solutions for performance schema installation
+
+ ERROR at line 21: Failed to open file './tables/sys_config_data_10.sql -- ported', error: 2
+ Have a look at #452 solution given by @ericx
+
+Performance tips
+--
+Metadata statistic updates can impact strongly performance of database servers and MySQLTuner.
+Be sure that innodb_stats_on_metadata is disabled.
+
+ set global innodb_stats_on_metadata = 0;
+
+Specific usage
+--
+
+__Usage:__ Minimal usage locally
+
+ perl mysqltuner.pl --host 127.0.0.1
+
+Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly.
+
+__Usage:__ Minimal usage remotely
+
+ perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
+
+__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
+
+ perl mysqltuner.pl --verbose
+ perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat --tbstat
+
+
+__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version
+
+ perl mysqltuner.pl --cvefile=vulnerabilities.csv
+
+__Usage:__ Write your result in a file with information displayed
+
+ perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
+
+__Usage:__ Write your result in a file **without outputting information**
+
+ perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
+
+__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax.
+
+ perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
+
+__Usage:__ Enable debugging information
+
+ perl mysqltuner.pl --debug
+
+__Usage:__ Update MySQLTuner and data files (password and cve) if needed
+
+ perl mysqltuner.pl --checkversion --updateversion
+
+HTML reports based on Python Jinja2
+--
+
+HTML generation is based on Python/Jinja2
+
+**HTML generation Procedure**
+
+ - Generate mysqltuner.pl report using JSON format (--json)
+ - Generate HTML report using j2 python tools
+
+**Jinja2 Templates are located under templates sub directory**
+
+A basic example is called basic.html.j2
+
+**Installation Python j2**
+
+ python -mvenv j2
+ source ./j2/bin/activate
+ (j2) pip install j2
+
+**Using Html report generation**
+
+ perl mysqltuner.pl --verbose --json > reports.json
+ cat reports.json j2 -f json MySQLTuner-perl/templates/basic.html.j2 > variables.html
+
+or
+
+ perl mysqltuner.pl --verbose --json | j2 -f json MySQLTuner-perl/templates/basic.html.j2 > variables.html
+
+
+HTML reports based on AHA
+--
+
+HTML generation is based on AHA
+
+**HTML generation Procedure**
+
+ - Generate mysqltuner.pl report using standard text reports
+ - Generate HTML report using aha
+
+**Installation Aha**
+
+Follow instructions from Github repo
+
+[GitHub AHA main repository](https://github.com/theZiz/aha)
+
+
+**Using AHA Html report generation**
+
+ perl mysqltuner.pl --verbose --color > reports.txt
+ aha --black --title "MySQLTuner" -f "reports.txt" > "reports.html"
+
+or
+
+ perl mysqltuner.pl --verbose --color | aha --black --title "MySQLTuner" > reports.html
+
+
+FAQ
+--
+
+**Question: Will MySQLTuner fix my slow MySQL server?**
+
+**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations for improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
+
+**Question: Can I fire my DBA now?**
+
+**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call.
+
+**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?**
+
+The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains:
+
+ [client]
+ user=someusername
+ password=thatuserspassword
+
+Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option.
+
+**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?**
+
+You could use mysql_config_editor utilities.
+~~~bash
+ $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
+ Enter password: ********
+~~~
+After which, `~/.mylogin.cnf` will be created with the appropriate access.
+
+To get information about stored credentials, use the following command:
+
+ $mysql_config_editor print
+ [client]
+ user = someusername
+ password = *****
+ host = localhost
+
+**Question: What's minimum privileges needed by a specific mysqltuner user in database ?**
+
+ mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* TO 'mysqltuner'@'localhost' identified by pwd1234;
+
+**Question: It's not working on my OS! What gives?!**
+
+These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly:
+
+* OS and OS version
+* Architecture (x86, x86_64, IA64, Commodore 64)
+* Exact MySQL version
+* Where you obtained your MySQL version (OS package, source, etc)
+* The full text of the error
+* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible)
+
+**Question: How to perform CVE vulnerability checks?**
+
+* Download vulnerabilities.csv from this repository.
+* use option --cvefile to perform CVE checks
+
+**Question: How to use mysqltuner from a remote host?**
+Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
+
+* You will still have to connect like a mysql client:
+
+Connection and Authentication
+
+ --host <hostname> Connect to a remote host to perform tests (default: localhost)
+ --socket <socket> Use a different socket for a local connection
+ --port <port> Port to use for connection (default: 3306)
+ --user <username> Username to use for authentication
+ --pass <password> Password to use for authentication
+ --defaults-file <path> defaults file for credentials
+
+Since you are using a remote host, use parameters to supply values from the OS
+
+ --forcemem <size> Amount of RAM installed in megabytes
+ --forceswap <size> Amount of swap memory configured in megabytes
+
+* You may have to contact your remote SysAdmin to ask how much RAM and swap you have
+
+If the database has too many tables, or very large table, use this:
+
+ --skipsize Don't enumerate tables and their types/sizes (default: on)
+ (Recommended for servers with many tables)
+
+**Question: Can I install this project using homebrew on Apple Macintosh?**
+
+Yes! `brew install mysqltuner` can be used to install this application using [homebrew](https://brew.sh/) on Apple Macintosh.
+
+MySQLTuner and Vagrant
+--
+**MySQLTuner** contains following Vagrant configurations:
+* Fedora Core 30 / Docker
+
+**Vagrant File** is stored in Vagrant subdirectory.
+* Follow following step after vagrant installation:
+ $ vagrant up
+
+**MySQLTuner** contains a Vagrant configurations for test purpose and development
+* Install VirtualBox and Vagrant
+ * https://www.virtualbox.org/wiki/Downloads
+ * https://www.vagrantup.com/downloads.html
+* Clone repository
+ * git clone https://github.com/major/MySQLTuner-perl.git
+* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest
+ * vagrant plugin install vagrant-hostmanager
+ * vagrant plugin install vagrant-vbguest
+* Add Fedora Core 30 box for official Fedora Download Website
+ * vagrant box add --name generic/fedora30
+* Create a data directory
+ * mkdir data
+
+
+## setup test environments
+
+ $ sh build/createTestEnvs.sh
+
+ $ source build/bashrc
+ $ mysql_percona80 sakila
+ sakila> ...
+
+ $ docker images
+ mariadb 10.1 fc612450e1f1 12 days ago 352MB
+ mariadb 10.2 027b7c57b8c6 12 days ago 340MB
+ mariadb 10.3 47dff68107c4 12 days ago 343MB
+ mariadb 10.4 92495405fc36 12 days ago 356MB
+ mysql 5.6 95e0fc47b096 2 weeks ago 257MB
+ mysql 5.7 383867b75fd2 2 weeks ago 373MB
+ mysql 8.0 b8fd9553f1f0 2 weeks ago 445MB
+ percona/percona-server 5.7 ddd245ed3496 5 weeks ago 585MB
+ percona/percona-server 5.6 ed0a36e0cf1b 6 weeks ago 421MB
+ percona/percona-server 8.0 390ae97d57c6 6 weeks ago 697MB
+ mariadb 5.5 c7bf316a4325 4 months ago 352MB
+ mariadb 10.0 d1bde56970c6 4 months ago 353MB
+ mysql 5.5 d404d78aa797 4 months ago 205MB
+
+ $ docker ps
+ CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+ da2be9b050c9 mariadb:5.5 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5311->3306/tcp mariadb55
+ 5deca25d5ac8 mariadb:10.0 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5310->3306/tcp mariadb100
+ 73aaeb37e2c2 mariadb:10.1 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5309->3306/tcp mariadb101
+ 72ffa77e01ec mariadb:10.2 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5308->3306/tcp mariadb102
+ f5996f2041df mariadb:10.3 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5307->3306/tcp mariadb103
+ 4890c52372bb mariadb:10.4 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5306->3306/tcp mariadb104
+ 6b9dc078e921 percona/percona-server:5.6 "/docker-entrypoint.…" 7 hours ago Up 7 hours 0.0.0.0:4308->3306/tcp percona56
+ 3a4c7c826d4c percona/percona-server:5.7 "/docker-entrypoint.…" 7 hours ago Up 7 hours 0.0.0.0:4307->3306/tcp percona57
+ 3dda408c91b0 percona/percona-server:8.0 "/docker-entrypoint.…" 7 hours ago Up 7 hours 33060/tcp, 0.0.0.0:4306->3306/tcp percona80
+ 600a4e7e9dcd mysql:5.5 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:3309->3306/tcp mysql55
+ 4bbe54342e5d mysql:5.6 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:3308->3306/tcp mysql56
+ a49783249a11 mysql:5.7 "docker-entrypoint.s…" 7 hours ago Up 7 hours 33060/tcp, 0.0.0.0:3307->3306/tcp mysql57
+ d985820667c2 mysql:8.0 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:3306->3306/tcp, 33060/tcp mysql 8 0
+
+
+MySQLTuner needs you
+--
+**MySQLTuner** needs contributors for documentation, code and feedback..
+
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+
+Contributions welcome !
+--
+
+How to contribute using Pull Request ? Follow this guide : [Pull request creation](https://opensource.com/article/19/7/create-pull-request-github)
+
+Simple steps to create a pull request:
+--
+
+- Fork this Github project
+- Clone it to your local system
+- Make a new branch
+- Make your changes
+- Push it back to your repo
+- Click the Compare & pull request button
+- Click Create pull request to open a new pull request
+
diff --git a/README.ru.md b/README.ru.md
index d4dfdee..ce44d55 100644
--- a/README.ru.md
+++ b/README.ru.md
@@ -37,22 +37,38 @@ MySQLTuner нуждается в вас:
Совместимость
====
+Результаты тестов: [Travis CI/MySQLTuner-perl](https://travis-ci.org/major/MySQLTuner-perl)
+* MySQL 8 (полная поддержка, проверка пароля не работает)
* MySQL 5.7 (полная поддержка)
* MySQL 5.6 (полная поддержка)
* MySQL 5.5 (полная поддержка)
+* MariaDB 10.4 (полная поддержка)
* MariaDB 10.3 (полная поддержка)
* MariaDB 10.2 (полная поддержка)
* MariaDB 10.1 (полная поддержка)
-* MariaDB 10.0 (полная поддержка)
+* MariaDB 10.0 (полная поддержка, последние 6 месяцeв)
+* MariaDB 5.5 (полная поддержка, но без поддержки от MariaDB)
+* Percona Server 8.0 (полная поддержка, проверка пароля не работает)
* Percona Server 5.7 (полная поддержка)
* Percona Server 5.6 (полная поддержка)
-* Percona XtraDB cluster (полная поддержка)
-* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (частичная поддержка - устаревшие версии)
+* Percona XtraDB cluster (частичная поддержка, нет тестового окружения)
+
+* Mysql Replications (частичная поддержка, нет тестового окружения)
+* Galera replication (частичная поддержка, нет тестового окружения)
+
+* MySQL 3.23, 4.0, 4.1, 5.0, 5.1, 5.5 (частичная поддержка - устаревшие версии)
+
+*** НЕ ПОДДЕРЖИВАЕМЫЕ ОКРУЖЕНИЯ - НУЖНА ПОМОЩЬ С НИМИ :) ***
+* Windows не поддерживается на данное время (Необходима помощь!!!!!)
+* Облачные сервисы(cloud based) не поддерживаются на данное время (Необходима помощь!!!!!)
+
+* Поддержка детектирования CVE уязвимостей из [https://cve.mitre.org](https://cve.mitre.org)
+
+*** МИНИМАЛЬНЫЕ ТРЕБОВАНИЯ ***
+
* Perl 5.6 или более поздний (с пакетом [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod))
* Операционная система семейства Unix/Linux (протестировано на Linux, различных вариациях BSD и Solaris)
-* Windows не поддерживается на данное время (Необходима помощь!!!!!)
* Неограниченный доступ на чтение для MySQL-сервера (Для работы с MySQL < 5.1 требуется root-доступ к серверу)
-* Поддержка детектирования CVE уязвимостей из [https://cve.mitre.org](https://cve.mitre.org)
Пожалуйста, прочитайте раздел ЧаВо, который расположен чуть ниже.
@@ -67,6 +83,8 @@ MySQLTuner нуждается в вас:
и всегда будьте готовы к тому, что улучшения в одной области могут иметь
отрицательный эфект в работе MySQL в другой области.
+Так же **важно** подождать, что бы сервер баз данных отработал хотя бы день, для получения точных реультатов. Запуск **mysqltuner** на только что перезапущенном сервере баз данных, по факту полностью бесполезен.
+
**Серьезно - прочитайте раздел ЧаВо, который расположен чуть ниже.**
@@ -85,22 +103,69 @@ MySQLTuner нуждается в вас:
Загрузка/Установка
--
-Вы можете скачать весь репозиторий с помощью 'git clone' c URL текущего репозитория. Самый простой и короткий метод:
+Доступны несколько методов:
+1) Прямая загрузка скрипта(самый простой и короткий метод):
+```
+wget http://mysqltuner.pl/ -O mysqltuner.pl
+wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
+wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
+```
- wget http://mysqltuner.pl/ -O mysqltuner.pl
- wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
- wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
- perl mysqltuner.pl
+2) Вы можете скачать весь репозиторий с помощью `git clone` или `git clone --depth 1 -b master` c URL текущего репозитория.
-Конечно, вам нужно будет добавить права на выполнение скрипта (chmod +x mysqltuner.pl), если вы хотите запускать его напрямую, без указания perl.
+Оциональная установка Sysschema для MySQL 5.6
+--
+
+Sysschema по умолчанию установлена на MySQL 5.7 и MySQL 8 от Oracle.
+В MySQL 5.6/5.7/8 по умолчанию performance schema включена.
+Для версий старше 5.6 вы можете создать новую базу данных sys, содержащую очень полезный взгляд на Performance schema следующими командами:
+
+ curl "https://codeload.github.com/mysql/mysql-sys/zip/master" > sysschema.zip
+ # check zip file
+ unzip -l sysschema.zip
+ unzip sysschema.zip
+ cd mysql-sys-master
+ mysql -uroot -p < sys_56.sql
+
+Опциональная установка Performance schema и Sysschema для MariaDB 10.x
+--
+
+Sysschema не установлена по умолчанию на MariaDB 10.x.
+А performance schema по умолчанию отключена в MariaDB. Для активации ее требуется включить в конфигурационном файле my.cnf:
+
+ [mysqld]
+ performance_schema = on
+
+Вы можете создать новую базу данных sys, содержащую очень полезный взгляд на Performance schema следующими командами:
+
+ curl "https://codeload.github.com/FromDual/mariadb-sys/zip/master" > mariadb-sys.zip
+ # check zip file
+ unzip -l mariadb-sys.zip
+ unzip mariadb-sys.zip
+ cd mariadb-sys-master/
+ mysql -u root -p < ./sys_10.sql
+
+Ошибки и их решения при установке performance schema
+
+ ERROR at line 21: Failed to open file './tables/sys_config_data_10.sql -- ported', error: 2
+ Посмотрите на #452 решение, данное @ericx
+
+Советы по производительности
+--
+Обновление статистики метадаты могут очень сильно влиять на производительсноить сервера баз данных и MySQLTuner.
+Убедитесь, что innodb_stats_on_metadata отключен.
+
+ set global innodb_stats_on_metadata = 0;
Примеры использования
--
__Пример:__ Минимальный локальный запуск
- perl mysqltuner.pl
+ perl mysqltuner.pl --host 127.0.0.1
+
+Конечно, вам нужно будет добавить права на выполнение скрипта (chmod +x mysqltuner.pl), если вы хотите запускать его напрямую, без указания perl.
__Пример:__ Минимальный удаленный запуск
@@ -109,7 +174,7 @@ __Пример:__ Минимальный удаленный запуск
__Пример:__ Включение максимамльного вывода информации о MySQL/MariaDb без отладочной информации
perl mysqltuner.pl --verbose
- perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
+ perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat --tbstat
__Пример:__ Включение проверки на CVE уязвимости для MariaDB или MySQL
@@ -132,6 +197,10 @@ __Пример:__ Включение вывода отладочной инфо
perl mysqltuner.pl --debug
+__Пример:__ Обновление MySQLTuner и файлов с данными (пароль и cve), если необходимо.
+
+ perl mysqltuner.pl --checkversion --updateversion
+
ЧаВо
--
@@ -149,7 +218,7 @@ __Пример:__ Включение вывода отладочной инфо
[client]
user=distributions
- pass=thatuserspassword
+ password=thatuserspassword
Сразу после создания файла убедитесь, что его владельцем является ваш пользователь, а права на файл - 0600. Это защитит ваш логин и пароль от базы данных от любопытных глаз в нормальных условиях. Но у вас не будет выбора, если появится [T-1000 в униформе полицейского из Лос-Анджелеса](https://ru.wikipedia.org/wiki/T-1000) и потребует доступы от вашей базы данных.
@@ -171,7 +240,7 @@ __Пример:__ Включение вывода отладочной инфо
**Вопрос: Какие минимальные привелегии нужны для специального пользователя базы данных mysqltuner?**
- mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234;
+ mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* TO 'mysqltuner'@'localhost' identified by pwd1234;
**Вопрос: Это не работает на моей ОС! Что делать?!**
@@ -222,15 +291,11 @@ __Пример:__ Включение вывода отладочной инфо
MySQLTuner и Vagrant
--
**MySQLTuner** содержится в следующих конфигурациях Vagrant:
-* Fedora Core 23 / MariaDB 10.0
-* Fedora Core 23 / MariaDB 10.1
-* Fedora Core 23 / MySQL 5.6
-* Fedora Core 23 / MySQL 5.7
+* Fedora Core 10 / Docker
-**Vagrant File** are stored in Vagrant subdirectory.
-* Follow this 2 steps after vagrant installation:
-* Rename VagrantFile_for_Mxxx into Vagrantfile
-* vagrant up
+**Vagrant File** is stored in Vagrant subdirectory.
+* Follow following step after vagrant installation:
+ $ vagrant up
**MySQLTuner** contains a Vagrant configurations for test purpose and development
* Install VirtualBox and Vagrant
@@ -241,14 +306,50 @@ MySQLTuner и Vagrant
* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest
* vagrant plugin install vagrant-hostmanager
* vagrant plugin install vagrant-vbguest
-* Add Fedora Core 23 box for official Fedora Download Website
- * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box
+* Add Fedora Core 30 box for official Fedora Download Website
+ * vagrant box add --name generic/fedora30
* Create a data directory
* mkdir data
-* Rename Vagrantfile_MariaDB10.0 into Vagrantfile
- * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile
-* Start vagrant
- * vagrant up
+
+
+## Настройка тестовых окружений
+
+ $ sh build/createTestEnvs.sh
+
+ $ source build/bashrc
+ $ mysql_percona80 sakila
+ sakila> ...
+
+ $ docker images
+ mariadb 10.1 fc612450e1f1 12 days ago 352MB
+ mariadb 10.2 027b7c57b8c6 12 days ago 340MB
+ mariadb 10.3 47dff68107c4 12 days ago 343MB
+ mariadb 10.4 92495405fc36 12 days ago 356MB
+ mysql 5.6 95e0fc47b096 2 weeks ago 257MB
+ mysql 5.7 383867b75fd2 2 weeks ago 373MB
+ mysql 8.0 b8fd9553f1f0 2 weeks ago 445MB
+ percona/percona-server 5.7 ddd245ed3496 5 weeks ago 585MB
+ percona/percona-server 5.6 ed0a36e0cf1b 6 weeks ago 421MB
+ percona/percona-server 8.0 390ae97d57c6 6 weeks ago 697MB
+ mariadb 5.5 c7bf316a4325 4 months ago 352MB
+ mariadb 10.0 d1bde56970c6 4 months ago 353MB
+ mysql 5.5 d404d78aa797 4 months ago 205MB
+
+ $ docker ps
+ CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+ da2be9b050c9 mariadb:5.5 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5311->3306/tcp mariadb55
+ 5deca25d5ac8 mariadb:10.0 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5310->3306/tcp mariadb100
+ 73aaeb37e2c2 mariadb:10.1 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5309->3306/tcp mariadb101
+ 72ffa77e01ec mariadb:10.2 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5308->3306/tcp mariadb102
+ f5996f2041df mariadb:10.3 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5307->3306/tcp mariadb103
+ 4890c52372bb mariadb:10.4 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:5306->3306/tcp mariadb104
+ 6b9dc078e921 percona/percona-server:5.6 "/docker-entrypoint.…" 7 hours ago Up 7 hours 0.0.0.0:4308->3306/tcp percona56
+ 3a4c7c826d4c percona/percona-server:5.7 "/docker-entrypoint.…" 7 hours ago Up 7 hours 0.0.0.0:4307->3306/tcp percona57
+ 3dda408c91b0 percona/percona-server:8.0 "/docker-entrypoint.…" 7 hours ago Up 7 hours 33060/tcp, 0.0.0.0:4306->3306/tcp percona80
+ 600a4e7e9dcd mysql:5.5 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:3309->3306/tcp mysql55
+ 4bbe54342e5d mysql:5.6 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:3308->3306/tcp mysql56
+ a49783249a11 mysql:5.7 "docker-entrypoint.s…" 7 hours ago Up 7 hours 33060/tcp, 0.0.0.0:3307->3306/tcp mysql57
+ d985820667c2 mysql:8.0 "docker-entrypoint.s…" 7 hours ago Up 7 hours 0.0.0.0:3306->3306/tcp, 33060/tcp mysql 8 0
MySQLTuner нуждается в Вас:
===
diff --git a/USAGE.md b/USAGE.md
index f894e19..52f7b8a 100644
--- a/USAGE.md
+++ b/USAGE.md
@@ -1,6 +1,6 @@
# NAME
- MySQLTuner 1.7.15 - MySQL High Performance Tuning Script
+ MySQLTuner 1.9.4 - MySQL High Performance Tuning Script
# IMPORTANT USAGE GUIDELINES
@@ -14,6 +14,7 @@ You must provide the remote server's total memory when connecting to other serve
--host <hostname> Connect to a remote host to perform tests (default: localhost)
--socket <socket> Use a different socket for a local connection
--port <port> Port to use for connection (default: 3306)
+ --protocol tcp Force TCP connection instead of socket
--user <username> Username to use for authentication
--userenv <envvar> Name of env variable which contains username to use for authentication
--pass <password> Password to use for authentication
@@ -22,46 +23,51 @@ You must provide the remote server's total memory when connecting to other serve
--mysqladmin <path> Path to a custom mysqladmin executable
--mysqlcmd <path> Path to a custom mysql executable
--defaults-file <path> Path to a custom .my.cnf
+ --server-log <path> Path to explict log file (error_log)
# PERFORMANCE AND REPORTING OPTIONS
--skipsize Don't enumerate tables and their types/sizes (default: on)
(Recommended for servers with many tables)
+ --json Print result as JSON string
+ --prettyjson Print result as JSON formatted string
--skippassword Don't perform checks on user passwords(default: off)
--checkversion Check for updates to MySQLTuner (default: don't check)
--updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)
--forcemem <size> Amount of RAM installed in megabytes
--forceswap <size> Amount of swap memory configured in megabytes
--passwordfile <path> Path to a password file list(one password by line)
+ --cvefile <path> CVE File for vulnerability checks
+ --outputfile <path> Path to a output txt file
+ --reportfile <path> Path to a report txt file
+ --template <path> Path to a template file
# OUTPUT OPTIONS
--silent Don't output anything on screen
+ --verbose Prints out all options (default: no verbose, dbstat, idxstat, sysstat, tbstat, pfstat)
+ --nocolor Don't print output in color
--nogood Remove OK responses
--nobad Remove negative/suggestion responses
--noinfo Remove informational responses
--debug Print debug information
- --noprocess Consider no other process is running
+ --noprocess Consider no other process is running
--dbstat Print database information
--nodbstat Don't Print database information
--tbstat Print table information
--notbstat Don't Print table information
+ --colstat Print column information
+ --nocolstat Don't Print column information
--idxstat Print index information
--noidxstat Don't Print index information
--sysstat Print system information
--nosysstat Don't Print system information
--pfstat Print Performance schema
--nopfstat Don't Print Performance schema
- --verbose Prints out all options (default: no verbose, dbstat, idxstat, sysstat, tbstat, pfstat)
--bannedports Ports banned separated by comma(,)
+ --server-log Define specifi error_log to analyze
--maxportallowed Number of ports opened allowed on this hosts
- --cvefile <path> CVE File for vulnerability checks
- --nocolor Don't print output in color
- --json Print result as JSON string
--buffers Print global and per-thread buffer values
- --outputfile <path> Path to a output txt file
- --reportfile <path> Path to a report txt file
- --template <path> Path to a template file
# PERLDOC
@@ -118,7 +124,7 @@ Major Hayden - major@mhtx.net
# SUPPORT
-Bug reports, feature requests, and downloads at http://mysqltuner.com/
+Bug reports, feature requests, and downloads at http://mysqltuner.pl/
Bug tracker can be found at https://github.com/major/MySQLTuner-perl/issues
@@ -132,9 +138,9 @@ Maintained by Major Hayden (major\\@mhtx.net) - Licensed under GPL
# COPYRIGHT AND LICENSE
-Copyright (C) 2006-2018 Major Hayden - major@mhtx.net
+Copyright (C) 2006-2022 Major Hayden - major@mhtx.net
-For the latest updates, please visit http://mysqltuner.com/
+For the latest updates, please visit http://mysqltuner.pl/
Git repository available at https://github.com/major/MySQLTuner-perl
diff --git a/Vagrant/Vagrantfile b/Vagrant/Vagrantfile
index 5b82ca7..a55766b 100644
--- a/Vagrant/Vagrantfile
+++ b/Vagrant/Vagrantfile
@@ -1,71 +1,71 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-Vagrant.configure("2") do |config|
- config.vm.box = "generic/fedora30"
- config.vm.network "private_network", ip: "192.168.50.10", virtualbox__intnet: false
-
- if Vagrant.has_plugin? "vagrant-vbguest"
- config.vbguest.no_install = true
- config.vbguest.auto_update = false
- config.vbguest.no_remote = true
-end
- config.hostmanager.enabled = true
- config.hostmanager.manage_host = false
- config.hostmanager.manage_guest = true
- config.hostmanager.ignore_private_ip = false
- config.hostmanager.include_offline = true
-
- config.vm.network "public_network"
- config.vm.hostname = 'fedora-generic'
- config.hostmanager.aliases = %w(fedora-generic.localdomain fedora-generic.local fcg.local)
-
- config.vm.synced_folder "/home/jmren/VagrantMachines/VagrantData", "/data"
-
- config.vm.provider "virtualbox" do |vb|
- vb.name="fedora-generic"
- vb.gui = false
- vb.memory = "3036"
- vb.cpus = 4
- end
-
- config.vm.provision "shell", inline: <<-SHELL
- echo "secret" | sudo passwd --stdin root
- echo "secret" | sudo passwd --stdin vagrant
- sudo cp -pr ~vagrant/.ssh /root
- sudo chown -R root.root /root/.ssh
-
- sudo dnf -y update
- sudo dnf -y install telnet vim-enhanced net-tools git python python2-pip python34-PyYAML moreutils net-tools python-psutil perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils vim-enhanced unzip zip jq youtube-dl ffmpeg make mariadb psmisc PyYAML tofrodos python3 chromedriver wget
- sudo dnf -y install python34-pip moreutils net-tools python-psutil perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils vim-enhanced unzip zip jq youtube-dl ffmpeg make mariadb psmisc PyYAML tofrodos python3 wget python-beautifulsoup4 npm rclone golang yum-utils device-mapper-persistent-data lvm2 docker
-
- echo "alias h='function hdi(){ howdoi \$* -c -n 5; }; hdi'" >> /tmp/util.sh
- echo "alias s=sudo" >> /tmp/util.sh
- echo "alias h=history" >> /tmp/util.sh
- echo "alias hserver='python -m http.server 8000'" >> /tmp/util.sh
- sudo cp /tmp/util.sh /etc/profile.d
- cat /tmp/util.sh
-
- sudo dnf install -y yum-utils device-mapper-persistent-data lvm2
- sudo dnf -y install dnf-plugins-core
- sudo dnf config-manager \
- --add-repo \
- https://download.docker.com/linux/fedora/docker-ce.repo
-
- sudo dnf -y install docker-ce docker-ce-cli containerd.io
- dnf list docker-ce --showduplicates | sort -r
-
- sudo systemctl start docker
- sudo systemctl enable docker
- sudo usermod -aG docker vagrant
- sudo systemctl daemon-reload
-
- true
-
-##########################################
-# Install container
- sudo systemctl restart docker
-SHELL
- config.vm.provision :hostmanager
-end
-
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+ config.vm.box = "generic/fedora30"
+ config.vm.network "private_network", ip: "192.168.50.10", virtualbox__intnet: false
+
+ if Vagrant.has_plugin? "vagrant-vbguest"
+ config.vbguest.no_install = true
+ config.vbguest.auto_update = false
+ config.vbguest.no_remote = true
+end
+ config.hostmanager.enabled = true
+ config.hostmanager.manage_host = false
+ config.hostmanager.manage_guest = true
+ config.hostmanager.ignore_private_ip = false
+ config.hostmanager.include_offline = true
+
+ config.vm.network "public_network"
+ config.vm.hostname = 'fedora-generic'
+ config.hostmanager.aliases = %w(fedora-generic.localdomain fedora-generic.local fcg.local)
+
+ config.vm.synced_folder ".", "/data"
+
+ config.vm.provider "virtualbox" do |vb|
+ vb.name="fedora-generic"
+ vb.gui = false
+ vb.memory = "3036"
+ vb.cpus = 4
+ end
+
+ config.vm.provision "shell", inline: <<-SHELL
+ echo "secret" | sudo passwd --stdin root
+ echo "secret" | sudo passwd --stdin vagrant
+ sudo cp -pr ~vagrant/.ssh /root
+ sudo chown -R root.root /root/.ssh
+
+ sudo dnf -y update
+ sudo dnf -y install telnet vim-enhanced net-tools git python python2-pip python34-PyYAML moreutils net-tools python-psutil perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils vim-enhanced unzip zip jq youtube-dl ffmpeg make mariadb psmisc PyYAML tofrodos python3 chromedriver wget
+ sudo dnf -y install python34-pip moreutils net-tools python-psutil perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils vim-enhanced unzip zip jq youtube-dl ffmpeg make mariadb psmisc PyYAML tofrodos python3 wget python-beautifulsoup4 npm rclone golang yum-utils device-mapper-persistent-data lvm2 docker
+
+ echo "alias h='function hdi(){ howdoi \$* -c -n 5; }; hdi'" >> /tmp/util.sh
+ echo "alias s=sudo" >> /tmp/util.sh
+ echo "alias h=history" >> /tmp/util.sh
+ echo "alias hserver='python -m http.server 8000'" >> /tmp/util.sh
+ sudo cp /tmp/util.sh /etc/profile.d
+ cat /tmp/util.sh
+
+ sudo dnf install -y yum-utils device-mapper-persistent-data lvm2
+ sudo dnf -y install dnf-plugins-core
+ sudo dnf config-manager \
+ --add-repo \
+ https://download.docker.com/linux/fedora/docker-ce.repo
+
+ sudo dnf -y install docker-ce docker-ce-cli containerd.io
+ dnf list docker-ce --showduplicates | sort -r
+
+ sudo systemctl start docker
+ sudo systemctl enable docker
+ sudo usermod -aG docker vagrant
+ sudo systemctl daemon-reload
+
+ true
+
+##########################################
+# Install container
+ sudo systemctl restart docker
+SHELL
+ config.vm.provision :hostmanager
+end
+
diff --git a/build/bashrc b/build/bashrc
index 18344a8..605ee6d 100644
--- a/build/bashrc
+++ b/build/bashrc
@@ -1,12 +1,42 @@
+# Some Alias
+alias h=history
+alias s=sudo
+alias rsh='ssh -l root'
+alias lh='ls -lsh'
+alias ll='ls -ls'
+alias la='ls -lsa'
+
alias gst='git status'
+alias grm='git rm -f'
+alias gadd='git add'
alias gcm='git commit -m'
+alias gps='git push'
+alias gpl='git pull'
+alias glg='git log'
alias gmh='git log --follow -p --'
-alias ll='ls -ls'
-alias lh='ls -lsh'
-alias la='ls -lsa'
-alias gam='git status | grep "modified" | cut -d: -f2 | xargs -n 1 git add'
+alias gbl='git blame'
+alias grs='git reset --soft HEAD~1'
+alias grh='git reset --hard HEAD~1'
alias serve="python -m $(python -c 'import sys; print("http.server" if sys.version_info[:2] > (2,7) else "SimpleHTTPServer")')"
+
+gunt() {
+ git status | \
+ grep -vE '(Changes to be committed:| to publish your local commits|git add|git restore|On branch|Your branch|Untracked files|nclude in what will b|but untracked files present|no changes added to commit|modified:|deleted:|Changes not staged for commit)' |\
+ sort | uniq | \
+ xargs -n 1 $*
+}
+
+alias gam='git status | grep "modified" | cut -d: -f2 | xargs -n 1 git add'
+
+gad() {
+ git status | \
+ grep 'deleted:' | \
+ cut -d: -f2- | \
+ sort | uniq | \
+ xargs -n 1 git rm -f
+}
+
dcmd()
{
docker exec -i -t $1 bash
@@ -66,4 +96,20 @@ exec_mysqls()
echo "* Executing $sqlfile on $container_name"
cat $sqlfile | mysql -u root -h 127.0.0.1 -P $container_port
done < "$input"
-}
\ No newline at end of file
+}
+
+gen_mysqlalias()
+{
+ input="$1"
+
+ while IFS='' read -r line
+ do
+ [ -z "$line" ] && continue
+ container_port=$(echo "$line" | cut -d\; -f1)
+ container_name=$(echo "$line" | cut -d\; -f2)
+ container_datadir=$(echo "$line" | cut -d\; -f3)
+ image_name=$(echo "$line" | cut -d\; -f4)
+
+ alias mysql_$container_name="mysql -u root -h 127.0.0.1 -P $container_port"
+ done < "$input"
+}
diff --git a/build/clearContainer.sh b/build/clearContainer.sh
new file mode 100644
index 0000000..410a071
--- /dev/null
+++ b/build/clearContainer.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+docker ps | awk '{ print $NF}' |grep -v NAMES | xargs -n 1 docker kill
+docker ps -a | awk '{ print $NF}' |grep -v NAMES | xargs -n 1 docker rm
+docker ps -a
diff --git a/build/createMassDockerImages.sh b/build/createMassDockerImages.sh
index a100dab..543d860 100644
--- a/build/createMassDockerImages.sh
+++ b/build/createMassDockerImages.sh
@@ -3,7 +3,7 @@
input="./build/configimg.conf"
default_password="secret"
-eco "[client]
+echo "[client]
user=root
password=$default_password" > $HOME/.my.cnf
@@ -25,7 +25,7 @@ chmod 600 $HOME/.my.cnf
5309;mariadb101;/var/lib/mariadb101;mariadb:10.1
5310;mariadb100;/var/lib/mariadb100;mariadb:10.0
5311;mariadb55;/var/lib/mariadb55;mariadb:5.5
-" > $input
+" > "$input"
#
@@ -46,7 +46,8 @@ do
[ $? -eq 0 ] || continue
fi
echo "* PULLING DOCKER IMAGE: $image_name"
- docker pull $image_name
+ docker images | grep -E " $image_name$"
+ [ $? -ne 0 ] && docker pull $image_name
echo "* REMOVING CONTAINER : $image_name"
docker ps -a | grep -qE "$container_name^"
diff --git a/build/createTestEnvs.sh b/build/createTestEnvs.sh
index 7cc3f2e..e9addee 100644
--- a/build/createTestEnvs.sh
+++ b/build/createTestEnvs.sh
@@ -1,20 +1,23 @@
#!/bin/sh
source build/bashrc
-sudo dnf install -y yum-utils device-mapper-persistent-data lvm2
-sudo dnf -y install dnf-plugins-core
-sudo dnf config-manager \
---add-repo \
-https://download.docker.com/linux/fedora/docker-ce.repo
-sudo dnf -y install docker-ce docker-ce-cli containerd.io
-dnf list docker-ce --showduplicates | sort -r
+systemctl status docker &>/dev/null
+if [ $? -ne 0 ];then
+ sudo dnf install -y yum-utils device-mapper-persistent-data lvm2
+ sudo dnf -y install dnf-plugins-core
+ sudo dnf config-manager \
+ --add-repo \
+ https://download.docker.com/linux/fedora/docker-ce.repo
-sudo systemctl start docker
-sudo systemctl enable docker
-sudo usermod -aG docker vagrant
-sudo systemctl daemon-reload
+ sudo dnf -y install docker-ce docker-ce-cli containerd.io
+ dnf list docker-ce --showduplicates | sort -r
+ sudo systemctl start docker
+ sudo systemctl enable docker
+ sudo usermod -aG docker vagrant
+ sudo systemctl daemon-reload
+fi
sh build/createMassDockerImages.sh
diff --git a/build/fetchSampleDatabases.sh b/build/fetchSampleDatabases.sh
index 7116965..b580a1d 100644
--- a/build/fetchSampleDatabases.sh
+++ b/build/fetchSampleDatabases.sh
@@ -23,10 +23,7 @@ case "$1" in
mkdir -p ./contents
[ -f "contents/$(basename $(getVal "DB_$2_URL"))" ] || wget -O contents/$(basename $(getVal "DB_$2_URL")) $(getVal "DB_$2_URL")
if [ $? -eq 0 ];then
- (
- cd contents
- unzip $(basename $(getVal "DB_$2_URL")))
- )
+ (cd contents; unzip $( basename $(getVal "DB_$2_URL")) )
fi
;;
"clean")
diff --git a/build/runMT.sh b/build/runMT.sh
index 2bf658d..d41fe7d 100644
--- a/build/runMT.sh
+++ b/build/runMT.sh
@@ -13,7 +13,7 @@ do
if [ -n "$1" -a "$1" != "$container_name" ]; then
continue
fi
- #set -x
+ shift
sudo rm -f /var/lib/mysql
sudo ln -sf $container_datadir /var/lib/mysql
sudo chmod 777 /var/lib/mysql
@@ -21,5 +21,6 @@ do
#sudo docker logs $container_name > /tmp/mysqld.log
ls -ls /var/lib | grep -E 'mysql$'
#set +x
- perl mysqltuner.pl --verbose --host 127.0.0.1 --port $container_port
+ perl mysqltuner.pl $* --host 127.0.0.1 --port $container_port
+ exit $?
done < "$input"
diff --git a/build/txt2html.pl b/build/txt2Html.pl
similarity index 67%
rename from build/txt2html.pl
rename to build/txt2Html.pl
index 7b03d42..2283630 100644
--- a/build/txt2html.pl
+++ b/build/txt2Html.pl
@@ -14,14 +14,15 @@ my $i=1;
while (my $row = <$fh>) {
chomp $row;
if ($row =~ /^$headerSep/) {
- print "</pre>\n";
- $row =~ s/$headerSep//g;
- print "<H3 >$row</H3>\n";
- print "<pre>";
- $i++;
- next;
- }
+ print "</pre>\n";
+ $row =~ s/$headerSep//g;
+ print "<H3 >$row</H3>\n";
+ print "<pre>";
+ $i++;
+ next;
+ }
print "$row\n" unless $row =~ /^\s*$/;
}
print "</pre>\n";
close $fh;
+
diff --git a/build/updateCVElist.pl b/build/updateCVElist.pl
index 122fb50..5369e45 100644
--- a/build/updateCVElist.pl
+++ b/build/updateCVElist.pl
@@ -1,79 +1,79 @@
-#!/usr/bin/perl
-use warnings;
-use strict;
-use WWW::Mechanize::GZip;
-use File::Util;
-use Data::Dumper;
-use List::MoreUtils qw(uniq);
-my $verbose=1;
-sub AUTOLOAD {
- use vars qw($AUTOLOAD);
- my $cmd = $AUTOLOAD;
- $cmd=~s/.*:://;
- print "\n","*" x 60, "\n* Catching system call : $cmd \n", "*"x60 if defined $verbose;
- print "\nExecution : \t", $cmd, " ", join " ", @_ if defined $verbose;
- my $outp=`$cmd @_ 2>&1`;
- my $rc=$?;
- print "\nResult : \t$outp", if defined $verbose;
- print "Code : \t", $rc, "\n" if defined $verbose;
- return $rc;
-}
-
-my $mech = WWW::Mechanize->new();
-$mech->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0');
-#$mech->proxy( ['http'], 'http://XXX.XXX.XXX.XXX:3128' );
-#$mech->proxy( ['https'], 'http://XXX.XXX.XXX.XXX:3128' );
-$mech->env_proxy;
-
-
-$mech->ssl_opts( 'verify_hostname' => 0 );
-
-
-$mech->requests_redirectable(['GET', 'POST', 'HEAD']);
-
-
-$mech->add_handler("request_send", sub { print '#'x80,"\nSEND REQUEST:\n"; shift->dump; print '#'x80,"\n";return } ) if defined $verbose;
-$mech->add_handler("response_done", sub { print '#'x80,"\nDONE RESPONSE:\n"; shift->dump; print '#'x80,"\n"; return }) if defined $verbose;
-$mech->add_handler("response_redirect" => sub { print '#'x80,"\nREDIRECT RESPONSE:\n"; shift->dump; print '#'x80,"\n"; return }) if defined $verbose;
-
-
-my $url = 'http://cve.mitre.org/data/downloads/allitems.csv';
-my $resp;
-
-unless (-f 'cve.csv') {
- $resp=$mech->get($url);
- $mech->save_content( "cve.csv" );
-}
-my $f=File::Util->new( readlimit => 152428800);
-File::Util->flock_rules( qw/ IGNORE/ );
-
-my @versions;
-my $temp;
-unlink '../vulnerabilities.csv' if -f '../vulnerabilities.csv';
-open(CVE, 'cve.csv') or die("Could not open file.");
-foreach my $line (<CVE>) {
- if ($line =~ /(mysql|mariadb|percona)/i
- and $line =~ /server/i
- and $line =~ /CANDIDATE/i
- and $line !~ /MaxDB/i
- and $line !~ /\*\* REJECT \*\* /i
- and $line !~ /\*\* DISPUTED \*\* /i
- and $line !~ /(Radius|Proofpoint|Active\ Record|XAMPP|TGS\ Content|e107|post-installation|Apache\ HTTP|Zmanda|pforum|phpMyAdmin|Proxy\ Server|on\ Windows|ADOdb|Mac\ OS|Dreamweaver|InterWorx|libapache2|cisco|ProFTPD)/i) {
- $line =~ s/,/;/g;
-
- @versions = $line =~/(\d{1,2}\.\d+\.[\d]+)/g;
-
- foreach my $vers (uniq(@versions)) {
- my @nb=split('\.', $vers);
- $nb[2]-- if ($line =~ /before/i);
- #print $vers."\n".Dumper @nb;
- #print "$line";
- #exit 0 if ($line =~/before/i) ;
- $f->write_file('file' => '../vulnerabilities.csv', 'content' => "$nb[0].$nb[1].$nb[2];$nb[0];$nb[1];$nb[2];$line", 'mode' => 'append');
- }
- }
-}
-close(CVE);
-#unlink ('cve.csv') if (-f 'cve.csv');
-
-exit(0);
+#!/usr/bin/perl
+use warnings;
+use strict;
+use WWW::Mechanize::GZip;
+use File::Util;
+use Data::Dumper;
+use List::MoreUtils qw(uniq);
+my $verbose=1;
+sub AUTOLOAD {
+ use vars qw($AUTOLOAD);
+ my $cmd = $AUTOLOAD;
+ $cmd=~s/.*:://;
+ print "\n","*" x 60, "\n* Catching system call : $cmd \n", "*"x60 if defined $verbose;
+ print "\nExecution : \t", $cmd, " ", join " ", @_ if defined $verbose;
+ my $outp=`$cmd @_ 2>&1`;
+ my $rc=$?;
+ print "\nResult : \t$outp", if defined $verbose;
+ print "Code : \t", $rc, "\n" if defined $verbose;
+ return $rc;
+}
+
+my $mech = WWW::Mechanize->new();
+$mech->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0');
+#$mech->proxy( ['http'], 'http://XXX.XXX.XXX.XXX:3128' );
+#$mech->proxy( ['https'], 'http://XXX.XXX.XXX.XXX:3128' );
+$mech->env_proxy;
+
+
+$mech->ssl_opts( 'verify_hostname' => 0 );
+
+
+$mech->requests_redirectable(['GET', 'POST', 'HEAD']);
+
+
+$mech->add_handler("request_send", sub { print '#'x80,"\nSEND REQUEST:\n"; shift->dump; print '#'x80,"\n";return } ) if defined $verbose;
+$mech->add_handler("response_done", sub { print '#'x80,"\nDONE RESPONSE:\n"; shift->dump; print '#'x80,"\n"; return }) if defined $verbose;
+$mech->add_handler("response_redirect" => sub { print '#'x80,"\nREDIRECT RESPONSE:\n"; shift->dump; print '#'x80,"\n"; return }) if defined $verbose;
+
+
+my $url = 'http://cve.mitre.org/data/downloads/allitems.csv';
+my $resp;
+
+unless (-f 'cve.csv') {
+ $resp=$mech->get($url);
+ $mech->save_content( "cve.csv" );
+}
+my $f=File::Util->new( readlimit => 152428800);
+File::Util->flock_rules( qw/ IGNORE/ );
+
+my @versions;
+my $temp;
+unlink '../vulnerabilities.csv' if -f '../vulnerabilities.csv';
+open(CVE, 'cve.csv') or die("Could not open file.");
+foreach my $line (<CVE>) {
+ if ($line =~ /(mysql|mariadb|percona)/i
+ and $line =~ /server/i
+ and $line =~ /CANDIDATE/i
+ and $line !~ /MaxDB/i
+ and $line !~ /\*\* REJECT \*\* /i
+ and $line !~ /\*\* DISPUTED \*\* /i
+ and $line !~ /(Radius|Proofpoint|Active\ Record|XAMPP|TGS\ Content|e107|post-installation|Apache\ HTTP|Zmanda|pforum|phpMyAdmin|Proxy\ Server|on\ Windows|ADOdb|Mac\ OS|Dreamweaver|InterWorx|libapache2|cisco|ProFTPD)/i) {
+ $line =~ s/,/;/g;
+
+ @versions = $line =~/(\d{1,2}\.\d+\.[\d]+)/g;
+
+ foreach my $vers (uniq(@versions)) {
+ my @nb=split('\.', $vers);
+ $nb[2]-- if ($line =~ /before/i);
+ #print $vers."\n".Dumper @nb;
+ #print "$line";
+ #exit 0 if ($line =~/before/i) ;
+ $f->write_file('file' => '../vulnerabilities.csv', 'content' => "$nb[0].$nb[1].$nb[2];$nb[0];$nb[1];$nb[2];$line", 'mode' => 'append');
+ }
+ }
+}
+close(CVE);
+#unlink ('cve.csv') if (-f 'cve.csv');
+
+exit(0);
diff --git a/createTestEnvs.sh b/createTestEnvs.sh
deleted file mode 100644
index f99a792..0000000
--- a/createTestEnvs.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-
-source build/bashrc
-sudo dnf install -y yum-utils device-mapper-persistent-data lvm2
-sudo dnf -y install dnf-plugins-core
-sudo dnf config-manager \
---add-repo \
-https://download.docker.com/linux/fedora/docker-ce.repo
-
-sudo dnf -y install docker-ce docker-ce-cli containerd.io
-dnf list docker-ce --showduplicates | sort -r
-
-sudo systemctl start docker
-sudo systemctl enable docker
-sudo usermod -aG docker vagrant
-sudo systemctl daemon-reload
-
-
-sh build/createMassDockerImages.sh
-
-sh build/fetchSampleDatabases.sh fetchall
-
-exec_mysqls build/configimg.conf mysql contents/sakila-db/sakila-schema.sql
-exec_mysqls build/configimg.conf mysql contents/sakila-db/sakila-data.sql
\ No newline at end of file
diff --git a/debian/changelog b/debian/changelog
index 6e0f1c8..978d048 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+mysqltuner (1.9.9-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+
+ -- Debian Janitor <janitor@jelmer.uk> Wed, 12 Oct 2022 10:51:47 -0000
+
mysqltuner (1.7.17-1) unstable; urgency=medium
[ KURASHIKI Satoru ]
diff --git a/mtlogo.png b/mtlogo.png
new file mode 100644
index 0000000..de5c8c4
Binary files /dev/null and b/mtlogo.png differ
diff --git a/mysqltuner.pl b/mysqltuner.pl
index 18bc625..2b526d2 100755
--- a/mysqltuner.pl
+++ b/mysqltuner.pl
@@ -1,9 +1,10 @@
#!/usr/bin/env perl
-# mysqltuner.pl - Version 1.7.17
+# mysqltuner.pl - Version 1.9.9
# High Performance MySQL Tuning Script
-# Copyright (C) 2006-2018 Major Hayden - major@mhtx.net
-#
-# For the latest updates, please visit http://mysqltuner.com/
+# Copyright (C) 2006-2022 Major Hayden - major@mhtx.net
+# Copyright (C) 2006-2022 Jean-Marie Renouard - jmrenouard@gmail.com
+
+# For the latest updates, please visit http://mysqltuner.pl/
# Git repository available at https://github.com/major/MySQLTuner-perl
#
# This program is free software: you can redistribute it and/or modify
@@ -31,7 +32,7 @@
# Simon Greenaway Adam Stein Isart Montane
# Baptiste M. Cole Turner Major Hayden
# Joe Ashcraft Jean-Marie Renouard Christian Loos
-# Julien Francoz
+# Julien Francoz Daniel Black
#
# Inspired by Matthew Montgomery's tuning-primer.sh script:
# http://www.day32.com/MySQL/
@@ -49,14 +50,14 @@ use Pod::Usage;
use File::Basename;
use Cwd 'abs_path';
-use Data::Dumper;
-$Data::Dumper::Pair = " : ";
+#use Data::Dumper;
+#$Data::Dumper::Pair = " : ";
# for which()
#use Env;
# Set up a few variables for use in the script
-my $tunerversion = "1.7.17";
+my $tunerversion = "1.9.9";
my ( @adjvars, @generalrec );
# Set defaults
@@ -88,8 +89,11 @@ my %opt = (
"noprocess" => 0,
"dbstat" => 0,
"nodbstat" => 0,
+ "server-log" => '',
"tbstat" => 0,
"notbstat" => 0,
+ "colstat" => 0,
+ "nocolstat" => 0,
"idxstat" => 0,
"noidxstat" => 0,
"sysstat" => 0,
@@ -104,6 +108,7 @@ my %opt = (
"reportfile" => 0,
"verbose" => 0,
"defaults-file" => '',
+ "protocol" => '',
);
# Gather the options from the command line
@@ -130,9 +135,11 @@ GetOptions(
'color', 'noprocess',
'dbstat', 'nodbstat',
'tbstat', 'notbstat',
+ 'colstat', 'nocolstat',
'sysstat', 'nosysstat',
'pfstat', 'nopfstat',
'idxstat', 'noidxstat',
+ 'server-log=s', 'protocol=s',
)
or pod2usage(
-exitval => 1,
@@ -183,23 +190,24 @@ $basic_password_files = "/usr/share/mysqltuner/basic_passwords.txt"
# check if we need to enable verbose mode
if ( $opt{verbose} ) {
- $opt{checkversion} = 1; #Check for updates to MySQLTuner
- $opt{dbstat} = 1; #Print database information
- $opt{tbstat} = 1; #Print database information
- $opt{idxstat} = 1; #Print index information
- $opt{sysstat} = 1; #Print index information
- $opt{buffers} = 1; #Print global and per-thread buffer values
- $opt{pfstat} = 1; #Print performance schema info.
+ $opt{checkversion} = 1; # Check for updates to MySQLTuner
+ $opt{dbstat} = 1; # Print database information
+ $opt{tbstat} = 1; # Print database information
+ $opt{idxstat} = 1; # Print index information
+ $opt{sysstat} = 1; # Print index information
+ $opt{buffers} = 1; # Print global and per-thread buffer values
+ $opt{pfstat} = 1; # Print performance schema info.
$opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks
}
$opt{nocolor} = 1 if defined( $opt{outputfile} );
$opt{tbstat} = 0 if ( $opt{notbstat} == 1 ); # Don't Print table information
+$opt{colstat} = 0 if ( $opt{nocolstat} == 1 ); # Don't Print column information
$opt{dbstat} = 0 if ( $opt{nodbstat} == 1 ); # Don't Print database information
$opt{noprocess} = 0
- if ( $opt{noprocess} == 1 ); # Don't Print process information
+ if ( $opt{noprocess} == 1 ); # Don't Print process information
$opt{sysstat} = 0 if ( $opt{nosysstat} == 1 ); # Don't Print sysstat information
$opt{pfstat} = 0
- if ( $opt{nopfstat} == 1 ); # Don't Print performance schema information
+ if ( $opt{nopfstat} == 1 ); # Don't Print performance schema information
$opt{idxstat} = 0 if ( $opt{noidxstat} == 1 ); # Don't Print index information
# for RPM distributions
@@ -236,12 +244,19 @@ my $deb = ( $opt{nocolor} == 0 ) ? "[\e[0;31mDG\e[0m]" : "[DG]";
my $cmd = ( $opt{nocolor} == 0 ) ? "\e[1;32m[CMD]($me)" : "[CMD]($me)";
my $end = ( $opt{nocolor} == 0 ) ? "\e[0m" : "";
+# Maximum lines of log output to read from end
+my $maxlines = 30000;
+
# Checks for supported or EOL'ed MySQL versions
my ( $mysqlvermajor, $mysqlverminor, $mysqlvermicro );
+# Database
+my @dblist;
+
# Super structure containing all information
my %result;
$result{'MySQLTuner'}{'version'} = $tunerversion;
+$result{'MySQLTuner'}{'datetime'} =`date '+%d-%m-%Y %H:%M:%S'`;
$result{'MySQLTuner'}{'options'} = \%opt;
# Functions that handle the print styles
@@ -288,9 +303,19 @@ sub infoprinthcmd {
# Calculates the number of physical cores considering HyperThreading
sub cpu_cores {
- my $cntCPU =
+ if ( $^O eq 'linux' ) {
+ my $cntCPU =
`awk -F: '/^core id/ && !P[\$2] { CORES++; P[\$2]=1 }; /^physical id/ && !N[\$2] { CPUs++; N[\$2]=1 }; END { print CPUs*CORES }' /proc/cpuinfo`;
- return ( $cntCPU == 0 ? `nproc` : $cntCPU );
+ chomp $cntCPU;
+ return ( $cntCPU == 0 ? `nproc` : $cntCPU );
+ }
+
+ if ( $^O eq 'freebsd' ) {
+ my $cntCPU = `sysctl -n kern.smp.cores`;
+ chomp $cntCPU;
+ return $cntCPU + 0;
+ }
+ return 0;
}
# Calculates the parameter passed in bytes, then rounds it to one decimal place
@@ -403,7 +428,7 @@ sub pretty_uptime {
}
# Retrieves the memory installed on this machine
-my ( $physical_memory, $swap_memory, $duflags );
+my ( $physical_memory, $swap_memory, $duflags, $xargsflags );
sub memerror {
badprint
@@ -413,7 +438,8 @@ sub memerror {
sub os_setup {
my $os = `uname`;
- $duflags = ( $os =~ /Linux/ ) ? '-b' : '';
+ $duflags = ( $os =~ /Linux/ ) ? '-b' : '';
+ $xargsflags = ( $os =~ /Darwin|SunOS/ ) ? '' : '-r';
if ( $opt{'forcemem'} > 0 ) {
$physical_memory = $opt{'forcemem'} * 1048576;
infoprint "Assuming $opt{'forcemem'} MB of physical memory";
@@ -517,7 +543,7 @@ sub get_http_cli {
# Checks for updates to MySQLTuner
sub validate_tuner_version {
- if ( $opt{'checkversion'} eq 0 and $opt{'updateversion'} eq 0 ) {
+ if ( $opt{'checkversion'} eq 0 ) {
print "\n" unless ( $opt{'silent'} or $opt{'json'} );
infoprint "Skipped version check for MySQLTuner script";
return;
@@ -568,6 +594,7 @@ sub update_tuner_version {
}
my $update;
+ my $fullpath="";
my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/";
my @scripts =
( "mysqltuner.pl", "basic_passwords.txt", "vulnerabilities.csv" );
@@ -580,10 +607,12 @@ sub update_tuner_version {
if ( $httpcli =~ /curl$/ ) {
debugprint "$httpcli is available.";
+ $fullpath=dirname(__FILE__)."/".$script;
+ debugprint "FullPath: $fullpath";
debugprint
- "$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $script";
+ "$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $fullpath";
$update =
- `$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $script`;
+ `$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $fullpath`;
chomp($update);
debugprint "$script updated: $update";
@@ -626,8 +655,8 @@ sub update_tuner_version {
else {
badprint "Couldn't update MySQLTuner script";
}
-
- #exit 0;
+ infoprint "Stopping program: MySQLTuner has be updated.";
+ exit 0;
}
sub compare_tuner_version {
@@ -665,6 +694,9 @@ sub mysql_setup {
}
else {
$mysqladmincmd = which( "mysqladmin", $ENV{'PATH'} );
+ if ( !-e $mysqladmincmd ) {
+ $mysqladmincmd = which( "mariadb-admin", $ENV{'PATH'} );
+ }
}
chomp($mysqladmincmd);
if ( !-e $mysqladmincmd && $opt{mysqladmin} ) {
@@ -673,7 +705,8 @@ sub mysql_setup {
exit 1;
}
elsif ( !-e $mysqladmincmd ) {
- badprint "Couldn't find mysqladmin in your \$PATH. Is MySQL installed?";
+ badprint
+"Couldn't find mysqladmin/mariadb-admin in your \$PATH. Is MySQL installed?";
exit 1;
}
if ( $opt{mysqlcmd} ) {
@@ -681,6 +714,9 @@ sub mysql_setup {
}
else {
$mysqlcmd = which( "mysql", $ENV{'PATH'} );
+ if ( !-e $mysqlcmd ) {
+ $mysqlcmd = which( "mariadb", $ENV{'PATH'} );
+ }
}
chomp($mysqlcmd);
if ( !-e $mysqlcmd && $opt{mysqlcmd} ) {
@@ -689,7 +725,8 @@ sub mysql_setup {
exit 1;
}
elsif ( !-e $mysqlcmd ) {
- badprint "Couldn't find mysql in your \$PATH. Is MySQL installed?";
+ badprint
+ "Couldn't find mysql/mariadb in your \$PATH. Is MySQL installed?";
exit 1;
}
$mysqlcmd =~ s/\n$//g;
@@ -710,6 +747,10 @@ sub mysql_setup {
$remotestring = " -S $opt{socket} -P $opt{port}";
}
+ if ( $opt{protocol} ne '' ){
+ $remotestring = " --protocol=$opt{protocol}";
+ }
+
# Are we being asked to connect to a remote server?
if ( $opt{host} ne 0 ) {
chomp( $opt{host} );
@@ -875,7 +916,6 @@ sub mysql_setup {
}
}
else {
-
# It's not Plesk or Debian, we should try a login
debugprint "$mysqladmincmd $remotestring ping 2>&1";
my $loginstatus = `$mysqladmincmd $remotestring ping 2>&1`;
@@ -955,7 +995,6 @@ sub mysql_setup {
exit 1;
}
}
-
}
# MySQL Request Array
@@ -964,7 +1003,7 @@ sub select_array {
debugprint "PERFORM: $req ";
my @result = `$mysqlcmd $mysqllogin -Bse "\\w$req" 2>>/dev/null`;
if ( $? != 0 ) {
- badprint "failed to execute: $req";
+ badprint "Failed to execute: $req";
badprint "FAIL Execute SQL / return code: $?";
debugprint "CMD : $mysqlcmd";
debugprint "OPTIONS: $mysqllogin";
@@ -989,7 +1028,7 @@ sub select_one {
debugprint "PERFORM: $req ";
my $result = `$mysqlcmd $mysqllogin -Bse "\\w$req" 2>>/dev/null`;
if ( $? != 0 ) {
- badprint "failed to execute: $req";
+ badprint "Failed to execute: $req";
badprint "FAIL Execute SQL / return code: $?";
debugprint "CMD : $mysqlcmd";
debugprint "OPTIONS: $mysqllogin";
@@ -1010,7 +1049,7 @@ sub select_one_g {
debugprint "PERFORM: $req ";
my @result = `$mysqlcmd $mysqllogin -re "\\w$req\\G" 2>>/dev/null`;
if ( $? != 0 ) {
- badprint "failed to execute: $req";
+ badprint "Failed to execute: $req";
badprint "FAIL Execute SQL / return code: $?";
debugprint "CMD : $mysqlcmd";
debugprint "OPTIONS: $mysqllogin";
@@ -1034,6 +1073,63 @@ sub select_str_g {
return trim(@val);
}
+sub select_user_dbs {
+ return select_array(
+"SELECT DISTINCT TABLE_SCHEMA FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('mysql', 'information_schema', 'performance_schema', 'percona', 'sys')"
+ );
+}
+
+sub select_tables_db() {
+ my $schema = shift;
+ return select_array(
+"SELECT DISTINCT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA='$schema'"
+ );
+}
+
+sub select_indexes_db() {
+ my $schema = shift;
+ return select_array(
+"SELECT DISTINCT INDEX_NAME FROM information_schema.STATISTICS WHERE TABLE_SCHEMA='$schema'"
+ );
+}
+
+sub select_views_db {
+ my $schema = shift;
+ return select_array(
+"SELECT DISTINCT TABLE_NAME FROM information_schema.VIEWS WHERE TABLE_SCHEMA='$schema'"
+ );
+}
+
+sub select_triggers_db {
+ my $schema = shift;
+ return select_array(
+"SELECT DISTINCT TRIGGER_NAME FROM information_schema.TRIGGERS WHERE TRIGGER_SCHEMA='$schema'"
+ );
+}
+
+sub select_routines_db {
+ my $schema = shift;
+ return select_array(
+"SELECT DISTINCT ROUTINE_NAME FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA='$schema'"
+ );
+}
+
+sub select_table_indexes_db {
+ my $schema = shift;
+ my $tbname = shift;
+ return select_array(
+"SELECT INDEX_NAME FROM information_schema.STATISTICS WHERE TABLE_SCHEMA='$schema' AND TABLE_NAME='$tbname'"
+ );
+}
+
+sub select_table_columns_db {
+ my $schema = shift;
+ my $table = shift;
+ return select_array(
+"SELECT COLUMN_NAME FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='$schema' AND TABLE_NAME='$table'"
+ );
+}
+
sub get_tuning_info {
my @infoconn = select_array "\\s";
my ( $tkey, $tval );
@@ -1115,13 +1211,20 @@ sub get_all_vars {
}
# Support GTID MODE FOR MARIADB
- # Issue MariaDB GTID mode #272
- $myvar{'gtid_mode'} = $myvar{'gtid_strict_mode'}
- if ( defined( $myvar{'gtid_strict_mode'} ) );
-
+ # Issue MariaDB GTID mode #513
+ $myvar{'gtid_mode'} = 'ON'
+ if ( defined( $myvar{'gtid_current_pos'} )
+ and $myvar{'gtid_current_pos'} ne '' );
+
+ # Whether the server uses a thread pool to handle client connections
+ # MariaDB: thread_handling = pool-of-threads
+ # MySQL: thread_handling = loaded-dynamically
$myvar{'have_threadpool'} = "NO";
- if ( defined( $myvar{'thread_pool_size'} )
- and $myvar{'thread_pool_size'} > 0 )
+ if (
+ defined( $myvar{'thread_handling'} )
+ and ( $myvar{'thread_handling'} eq 'pool-of-threads'
+ || $myvar{'thread_handling'} eq 'loaded-dynamically' )
+ )
{
$myvar{'have_threadpool'} = "YES";
}
@@ -1145,12 +1248,28 @@ sub get_all_vars {
$result{'Storage Engines'}{$engine} = $2;
}
}
- debugprint Dumper(@mysqlenginelist);
- my @mysqlslave = select_array("SHOW SLAVE STATUS\\G");
+
+ #debugprint Dumper(@mysqlenginelist);
+
+ my @mysqlslave;
+ if ( mysql_version_eq(8) or mysql_version_ge( 10, 5 ) ) {
+ @mysqlslave = select_array("SHOW REPLICA STATUS\\G");
+ }
+ else {
+ @mysqlslave = select_array("SHOW SLAVE STATUS\\G");
+ }
arr2hash( \%myrepl, \@mysqlslave, ':' );
$result{'Replication'}{'Status'} = \%myrepl;
- my @mysqlslaves = select_array "SHOW SLAVE HOSTS";
- my @lineitems = ();
+
+ my @mysqlslaves;
+ if ( mysql_version_eq(8) or mysql_version_ge( 10, 5 ) ) {
+ @mysqlslaves = select_array "SHOW SLAVE STATUS";
+ }
+ else {
+ @mysqlslaves = select_array("SHOW SLAVE HOSTS\\G");
+ }
+
+ my @lineitems = ();
foreach my $line (@mysqlslaves) {
debugprint "L: $line ";
@lineitems = split /\s+/, $line;
@@ -1209,10 +1328,10 @@ sub get_log_file_real_path {
elsif ( -f "$datadir$hostname.log" ) {
return "$datadir$hostname.log";
}
- elsif ( -f "$datadir"."mysql_error.log" ) {
- return "$datadir"."mysql_error.log";
+ elsif ( -f "$datadir" . "mysql_error.log" ) {
+ return "$datadir" . "mysql_error.log";
}
- elsif ( -f "/var/log/mysql.log" ) {
+ elsif ( -f "/var/log/mysql.log" ) {
return "/var/log/mysql.log";
}
elsif ( -f "/var/log/mysqld.log" ) {
@@ -1224,8 +1343,8 @@ sub get_log_file_real_path {
elsif ( -f "/var/log/mysql/$hostname.log" ) {
return "/var/log/mysql/$hostname.log";
}
- elsif ( -f "/var/log/mysql/"."mysql_error.log" ) {
- return "/var/log/mysql/"."mysql_error.log";
+ elsif ( -f "/var/log/mysql/" . "mysql_error.log" ) {
+ return "/var/log/mysql/" . "mysql_error.log";
}
else {
return $file;
@@ -1233,48 +1352,64 @@ sub get_log_file_real_path {
}
sub log_file_recommendations {
- $myvar{'log_error'} =
- get_log_file_real_path( $myvar{'log_error'}, $myvar{'hostname'},
+ my $fh;
+ $myvar{'log_error'} = $opt{'server-log'}
+ || get_log_file_real_path( $myvar{'log_error'}, $myvar{'hostname'},
$myvar{'datadir'} );
subheaderprint "Log file Recommendations";
if ( "$myvar{'log_error'}" eq "stderr" ) {
badprint "log_error is set to $myvar{'log_error'} MT can't read stderr";
- return
- }
- if ( -f "$myvar{'log_error'}" ) {
- goodprint "Log file $myvar{'log_error'} exists";
- }
- else {
- badprint "Log file $myvar{'log_error'} doesn't exist";
return;
}
- infoprint "Log file: "
- . $myvar{'log_error'} . "("
- . hr_bytes_rnd( ( stat $myvar{'log_error'} )[7] ) . ")";
-
- if ( -r "$myvar{'log_error'}" ) {
- goodprint "Log file $myvar{'log_error'} is readable.";
+ elsif ( $myvar{'log_error'} =~ /^(docker|podman|kubectl):(.*)/ ) {
+ open( $fh, '-|', "$1 logs --tail=$maxlines '$2'" )
+ // die "Can't start $1 $!";
+ goodprint "Log from cloud` $myvar{'log_error'} exists";
}
- else {
- badprint "Log file $myvar{'log_error'} isn't readable.";
- return;
- }
- if ( ( stat $myvar{'log_error'} )[7] > 0 ) {
- goodprint "Log file $myvar{'log_error'} is not empty";
- }
- else {
- badprint "Log file $myvar{'log_error'} is empty";
+ elsif ( $myvar{'log_error'} =~ /^systemd:(.*)/ ) {
+ open( $fh, '-|', "journalctl -n $maxlines -b -u '$1'" )
+ // die "Can't start journalctl $!";
+ goodprint "Log journal` $myvar{'log_error'} exists";
}
+ elsif ( -f "$myvar{'log_error'}" ) {
+ goodprint "Log file $myvar{'log_error'} exists";
+ my $size = ( stat $myvar{'log_error'} )[7];
+ infoprint "Log file: "
+ . $myvar{'log_error'} . " ("
+ . hr_bytes_rnd($size) . ")";
+
+ if ( $size > 0 ) {
+ goodprint "Log file $myvar{'log_error'} is not empty";
+ if ( $size < 32 * 1024 * 1024 ) {
+ goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} is bigger than 32 Mb";
+ push @generalrec,
+ $myvar{'log_error'}
+ . " is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!";
+ }
+ }
+ else {
+ infoprint
+"Log file $myvar{'log_error'} is empty. Assuming log-rotation. Use --server-log={file} for explicit file";
+ return;
+ }
+ if ( !open( $fh, '<', $myvar{'log_error'} ) ) {
+ badprint "Log file $myvar{'log_error'} isn't readable.";
+ return;
+ }
+ goodprint "Log file $myvar{'log_error'} is readable.";
- if ( ( stat $myvar{'log_error'} )[7] < 32 * 1024 * 1024 ) {
- goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb";
+ if ( $maxlines * 80 < $size ) {
+ seek( $fh, -$maxlines * 80, 2 );
+ <$fh>; # discard line fragment
+ }
}
else {
- badprint "Log file $myvar{'log_error'} is bigger than 32 Mb";
- push @generalrec,
- $myvar{'log_error'}
- . " is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!";
+ badprint "Log file $myvar{'log_error'} doesn't exist";
+ return;
}
my $numLi = 0;
@@ -1283,15 +1418,13 @@ sub log_file_recommendations {
my @lastShutdowns;
my @lastStarts;
- open( my $fh, '<', $myvar{'log_error'} )
- or die "Can't open $myvar{'log_error'} for read: $!";
-
while ( my $logLi = <$fh> ) {
chomp $logLi;
$numLi++;
- debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i;
- $nbErrLog++ if $logLi =~ /error/i;
- $nbWarnLog++ if $logLi =~ /warning/i;
+ debugprint "$numLi: $logLi"
+ if $logLi =~ /warning|error/i and $logLi !~ /Logging to/;
+ $nbErrLog++ if $logLi =~ /error/i and $logLi !~ /Logging to/;
+ $nbWarnLog++ if $logLi =~ /warning/i;
push @lastShutdowns, $logLi
if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i;
push @lastStarts, $logLi if $logLi =~ /ready for connections/;
@@ -1300,15 +1433,14 @@ sub log_file_recommendations {
if ( $nbWarnLog > 0 ) {
badprint "$myvar{'log_error'} contains $nbWarnLog warning(s).";
- push @generalrec,
- "Control warning line(s) into $myvar{'log_error'} file";
+ push @generalrec, "Check warning line(s) in $myvar{'log_error'} file";
}
else {
goodprint "$myvar{'log_error'} doesn't contain any warning.";
}
if ( $nbErrLog > 0 ) {
badprint "$myvar{'log_error'} contains $nbErrLog error(s).";
- push @generalrec, "Control error line(s) into $myvar{'log_error'} file";
+ push @generalrec, "Check error line(s) in $myvar{'log_error'} file";
}
else {
goodprint "$myvar{'log_error'} doesn't contain any error.";
@@ -1399,7 +1531,8 @@ sub get_opened_ports {
$v;
} @opened_ports;
@opened_ports = sort { $a <=> $b } grep { !/^$/ } @opened_ports;
- debugprint Dumper \@opened_ports;
+
+ #debugprint Dumper \@opened_ports;
$result{'Network'}{'TCP Opened'} = \@opened_ports;
return @opened_ports;
}
@@ -1474,23 +1607,29 @@ sub get_os_release {
sub get_fs_info {
my @sinfo = `df -P | grep '%'`;
my @iinfo = `df -Pi| grep '%'`;
+ shift @sinfo;
shift @iinfo;
- @sinfo = map {
- my $v = $_;
- $v =~ s/.*\s(\d+)%\s+(.*)/$1\t$2/g;
- $v;
- } @sinfo;
+
foreach my $info (@sinfo) {
- next if $info =~ m{(\d+)\t/(run|dev|sys|proc)($|/)};
- if ( $info =~ /(\d+)\t(.*)/ ) {
- if ( $1 > 85 ) {
- badprint "mount point $2 is using $1 % total space";
- push( @generalrec, "Add some space to $2 mountpoint." );
+
+ #exit(0);
+ if ( $info =~ /.*?(\d+)\s+(\d+)\s+(\d+)\s+(\d+)%\s+(.*)$/ ) {
+ next if $5 =~ m{(run|dev|sys|proc|snap|init)};
+ if ( $4 > 85 ) {
+ badprint "mount point $5 is using $4 % total space ("
+ . human_size( $2 * 1024 ) . " / "
+ . human_size( $1 * 1024 ) . ")";
+ push( @generalrec, "Add some space to $4 mountpoint." );
}
else {
- infoprint "mount point $2 is using $1 % of total space";
+ infoprint "mount point $5 is using $4 % total space ("
+ . human_size( $2 * 1024 ) . " / "
+ . human_size( $1 * 1024 ) . ")";
}
- $result{'Filesystem'}{'Space Pct'}{$2} = $1;
+ $result{'Filesystem'}{'Space Pct'}{$5} = $4;
+ $result{'Filesystem'}{'Used Space'}{$5} = $2;
+ $result{'Filesystem'}{'Free Space'}{$5} = $3;
+ $result{'Filesystem'}{'Total Space'}{$5} = $1;
}
}
@@ -1530,8 +1669,18 @@ sub merge_hash {
}
sub is_virtual_machine {
- my $isVm = `grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`;
- return ( $isVm == 0 ? 0 : 1 );
+ if ( $^O eq 'linux' ) {
+ my $isVm = `grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`;
+ return ( $isVm == 0 ? 0 : 1 );
+ }
+
+ if ( $^O eq 'freebsd' ) {
+ my $isVm = `sysctl -n kern.vm_guest`;
+ chomp $isVm;
+ print "FARK DEBUG isVm=[$isVm]";
+ return ( $isVm eq 'none' ? 0 : 1 );
+ }
+ return 0;
}
sub infocmd {
@@ -1600,17 +1749,18 @@ sub get_kernel_info {
infoprint "TCP slot entries is > 100.";
}
- if ( `sysctl -n fs.aio-max-nr` < 1000000 ) {
- badprint
+ if ( -f "/proc/sys/fs/aio-max-nr" ) {
+ if ( `sysctl -n fs.aio-max-nr` < 1000000 ) {
+ badprint
"Max running total of the number of events is < 1M, please consider having a value greater than 1M";
- push @generalrec, "setup Max running number events greater than 1M";
- push @adjvars,
- 'fs.aio-max-nr > 1M (echo 1048576 > /proc/sys/fs/aio-max-nr)';
- }
- else {
- infoprint "Max Number of AIO events is > 1M.";
+ push @generalrec, "setup Max running number events greater than 1M";
+ push @adjvars,
+ 'fs.aio-max-nr > 1M (echo 1048576 > /proc/sys/fs/aio-max-nr)';
+ }
+ else {
+ infoprint "Max Number of AIO events is > 1M.";
+ }
}
-
}
sub get_system_info {
@@ -1751,7 +1901,9 @@ sub system_recommendations {
}
}
+ subheaderprint "Filesystem Linux Recommendations";
get_fs_info;
+ subheaderprint "Kernel Information Recommendations";
get_kernel_info;
}
@@ -1770,34 +1922,47 @@ sub security_recommendations {
}
my $PASS_COLUMN_NAME = 'password';
- if ( $myvar{'version'} =~ /5\.7|10\..*MariaDB*/ ) {
+
+ # New table schema available since mysql-5.7 and mariadb-10.2
+ # But need to be checked
+ if ( $myvar{'version'} =~ /5\.7|10\.[2-5]\..*MariaDB*/ ) {
my $password_column_exists =
`$mysqlcmd $mysqllogin -Bse "SELECT 1 FROM information_schema.columns WHERE TABLE_SCHEMA = 'mysql' AND TABLE_NAME = 'user' AND COLUMN_NAME = 'password'" 2>>/dev/null`;
- if ($password_column_exists) {
+ my $authstring_column_exists =
+`$mysqlcmd $mysqllogin -Bse "SELECT 1 FROM information_schema.columns WHERE TABLE_SCHEMA = 'mysql' AND TABLE_NAME = 'user' AND COLUMN_NAME = 'authentication_string'" 2>>/dev/null`;
+ if ( $password_column_exists && $authstring_column_exists ) {
$PASS_COLUMN_NAME =
"IF(plugin='mysql_native_password', authentication_string, password)";
}
- else {
+ elsif ($authstring_column_exists) {
$PASS_COLUMN_NAME = 'authentication_string';
}
+ elsif ( !$password_column_exists ) {
+ infoprint "Skipped due to none of known auth columns exists";
+ return;
+ }
}
debugprint "Password column = $PASS_COLUMN_NAME";
# Looking for Anonymous users
my @mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE TRIM(USER) = '' OR USER IS NULL";
- debugprint Dumper \@mysqlstatlist;
+"SELECT CONCAT(QUOTE(user), '\@', QUOTE(host)) FROM mysql.user WHERE TRIM(USER) = '' OR USER IS NULL";
+
+ #debugprint Dumper \@mysqlstatlist;
#exit 0;
if (@mysqlstatlist) {
- foreach my $line ( sort @mysqlstatlist ) {
- chomp($line);
- badprint "User '" . $line . "' is an anonymous account.";
- }
push( @generalrec,
"Remove Anonymous User accounts - there are "
. scalar(@mysqlstatlist)
. " anonymous accounts." );
+ foreach my $line ( sort @mysqlstatlist ) {
+ chomp($line);
+ badprint "User "
+ . $line
+ . " is an anonymous account. Remove with DROP USER "
+ . $line . ";";
+ }
}
else {
goodprint "There are no anonymous accounts for any database users";
@@ -1809,22 +1974,28 @@ sub security_recommendations {
}
# Looking for Empty Password
- if ( mysql_version_ge( 5, 5 ) ) {
+ if ( mysql_version_ge( 10, 4 ) ) {
@mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket', 'auth_pam_compat')";
+q{SELECT CONCAT(QUOTE(user), '@', QUOTE(host)) FROM mysql.global_priv WHERE
+ user != ''
+ AND JSON_CONTAINS(Priv, '"mysql_native_password"', '$.plugin') AND JSON_CONTAINS(Priv, '""', '$.authentication_string')
+ AND NOT JSON_CONTAINS(Priv, 'true', '$.account_locked')};
}
else {
@mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL)";
+"SELECT CONCAT(QUOTE(user), '\@', QUOTE(host)) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL)
+ AND user != ''
+ /*!50501 AND plugin NOT IN ('auth_socket', 'unix_socket', 'win_socket', 'auth_pam_compat') */
+ /*!80000 AND account_locked = 'N' AND password_expired = 'N' */";
}
if (@mysqlstatlist) {
foreach my $line ( sort @mysqlstatlist ) {
chomp($line);
badprint "User '" . $line . "' has no password set.";
+ push( @generalrec,
+"Set up a Secure Password for $line user: SET PASSWORD FOR $line = PASSWORD('secure_password');"
+ );
}
- push( @generalrec,
-"Set up a Password for user with the following SQL statement ( SET PASSWORD FOR 'user'\@'SpecificDNSorIp' = PASSWORD('secure_password'); )"
- );
}
else {
goodprint "All database users have passwords assigned";
@@ -1843,27 +2014,33 @@ sub security_recommendations {
# Looking for User with user/ uppercase /capitalise user as password
@mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(user) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(UPPER(user)) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(CONCAT(UPPER(LEFT(User, 1)), SUBSTRING(User, 2, LENGTH(User))))";
+"SELECT CONCAT(QUOTE(user), '\@', QUOTE(host)) FROM mysql.user WHERE user != '' AND (CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(user) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(UPPER(user)) OR CAST($PASS_COLUMN_NAME as Binary) = PASSWORD(CONCAT(UPPER(LEFT(User, 1)), SUBSTRING(User, 2, LENGTH(User)))))";
if (@mysqlstatlist) {
foreach my $line ( sort @mysqlstatlist ) {
chomp($line);
- badprint "User '" . $line . "' has user name as password.";
+ badprint "User " . $line . " has user name as password.";
+ push( @generalrec,
+"Set up a Secure Password for $line user: SET PASSWORD FOR $line = PASSWORD('secure_password');"
+ );
}
- push( @generalrec,
-"Set up a Secure Password for user\@host ( SET PASSWORD FOR 'user'\@'SpecificDNSorIp' = PASSWORD('secure_password'); )"
- );
}
@mysqlstatlist = select_array
- "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE HOST='%'";
+ "SELECT CONCAT(QUOTE(user), '\@', host) FROM mysql.user WHERE HOST='%'";
if (@mysqlstatlist) {
foreach my $line ( sort @mysqlstatlist ) {
chomp($line);
- badprint "User '" . $line
- . "' does not specify hostname restrictions.";
+ my $luser = ( split /@/, $line )[0];
+ badprint "User " . $line
+ . " does not specify hostname restrictions.";
+ push( @generalrec,
+"Restrict Host for $luser\@'%' to $luser\@LimitedIPRangeOrLocalhost"
+ );
+ push( @generalrec,
+ "RENAME USER $luser\@'%' TO "
+ . $luser
+ . "\@LimitedIPRangeOrLocalhost;" );
}
- push( @generalrec,
- "Restrict Host for user\@% to user\@SpecificDNSorIp" );
}
unless ( -f $basic_password_files ) {
@@ -1905,6 +2082,12 @@ sub security_recommendations {
chomp($line);
badprint "User '" . $line
. "' is using weak password: $pass in a lower, upper or capitalize derivative version.";
+
+ push( @generalrec,
+"Set up a Secure Password for $line user: SET PASSWORD FOR '"
+ . ( split /@/, $line )[0] . "'\@'"
+ . ( split /@/, $line )[1]
+ . "' = PASSWORD('secure_password');" );
$nbins++;
}
}
@@ -1913,7 +2096,9 @@ sub security_recommendations {
}
}
if ( $nbins > 0 ) {
- push( @generalrec, $nbins . " user(s) used basic or weak password." );
+ push( @generalrec,
+ $nbins
+ . " user(s) used basic or weak password from basic dictionary." );
}
}
@@ -1933,14 +2118,14 @@ sub get_replication_status {
infoprint "Semi synchronous replication Master: "
. (
- defined( $myvar{'rpl_semi_sync_master_enabled'} )
- ? $myvar{'rpl_semi_sync_master_enabled'}
+ ( defined( $myvar{'rpl_semi_sync_master_enabled'} ) or defined( $myvar{'rpl_semi_sync_source_enabled'} ) )
+ ? ( $myvar{'rpl_semi_sync_master_enabled'} // $myvar{'rpl_semi_sync_source_enabled'} )
: 'Not Activated'
);
infoprint "Semi synchronous replication Slave: "
. (
- defined( $myvar{'rpl_semi_sync_slave_enabled'} )
- ? $myvar{'rpl_semi_sync_slave_enabled'}
+ ( defined( $myvar{'rpl_semi_sync_slave_enabled'} ) or defined( $myvar{'rpl_semi_sync_replica_enabled'} ) )
+ ? ( $myvar{'rpl_semi_sync_slave_enabled'} // $myvar{'rpl_semi_sync_replica_enabled'} )
: 'Not Activated'
);
if ( scalar( keys %myrepl ) == 0 and scalar( keys %myslaves ) == 0 ) {
@@ -1954,11 +2139,11 @@ sub get_replication_status {
}
$result{'Replication'}{'status'} = \%myrepl;
- my ($io_running) = $myrepl{'Slave_IO_Running'};
+ my ($io_running) = $myrepl{'Slave_IO_Running'} // $myrepl{'Replica_IO_Running'};
debugprint "IO RUNNING: $io_running ";
- my ($sql_running) = $myrepl{'Slave_SQL_Running'};
+ my ($sql_running) = $myrepl{'Slave_SQL_Running'} // $myrepl{'Replica_SQL_Running'};
debugprint "SQL RUNNING: $sql_running ";
- my ($seconds_behind_master) = $myrepl{'Seconds_Behind_Master'};
+ my ($seconds_behind_master) = $myrepl{'Seconds_Behind_Master'} // $myrepl{'Seconds_Behind_Source'} ;
debugprint "SECONDS : $seconds_behind_master ";
if ( defined($io_running)
@@ -1968,7 +2153,7 @@ sub get_replication_status {
"This replication slave is not running but seems to be configured.";
}
if ( defined($io_running)
- && $io_running =~ /yes/i
+ && $io_running =~ /yes/i
&& $sql_running =~ /yes/i )
{
if ( $myvar{'read_only'} eq 'OFF' ) {
@@ -1989,23 +2174,32 @@ sub get_replication_status {
}
}
+# https://endoflife.software/applications/databases/mysql
+# https://endoflife.date/mariadb
sub validate_mysql_version {
( $mysqlvermajor, $mysqlverminor, $mysqlvermicro ) =
$myvar{'version'} =~ /^(\d+)(?:\.(\d+)|)(?:\.(\d+)|)/;
$mysqlverminor ||= 0;
$mysqlvermicro ||= 0;
- if ( mysql_version_eq(8) or mysql_version_eq(5, 6) or mysql_version_eq(5, 7)
- or mysql_version_eq(10, 1) or mysql_version_eq(10, 2) or mysql_version_eq(10, 3)
- or mysql_version_eq(10, 4) )
+ if ( mysql_version_eq(8)
+ or mysql_version_eq( 5, 7 )
+ or mysql_version_eq( 10, 3 )
+ or mysql_version_eq( 10, 4 )
+ or mysql_version_eq( 10, 5 )
+ or mysql_version_eq( 10, 6 )
+ )
{
- goodprint "Currently running supported MySQL version " . $myvar{'version'} . "";
+ goodprint "Currently running supported MySQL version "
+ . $myvar{'version'} . "";
return;
- }
- if ( mysql_version_ge( 5 ) or mysql_version_ge( 4 ) or mysql_version_eq(10, 0) ) {
+ } else {
badprint "Your MySQL version "
. $myvar{'version'}
. " is EOL software! Upgrade soon!";
+ push ( @generalrec, "You are using n unsupported version for production environments");
+ push ( @generalrec, "Upgrade as soon as possible to a supported version !");
+
}
}
@@ -2198,11 +2392,11 @@ sub check_storage_engines {
( $engine, $size, $count, $dsize, $isize ) =
$line =~ /([a-zA-Z_]+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)/;
debugprint "Engine Found: $engine";
- next unless ( defined($engine) );
- $size = 0 unless defined($size);
- $isize = 0 unless defined($isize);
- $dsize = 0 unless defined($dsize);
- $count = 0 unless defined($count);
+ next unless ( defined($engine) or trim($engine) eq '' );
+ $size = 0 unless ( defined($size) or trim($engine) eq '' );
+ $isize = 0 unless ( defined($isize) or trim($engine) eq '' );
+ $dsize = 0 unless ( defined($dsize) or trim($engine) eq '' );
+ $count = 0 unless ( defined($count) or trim($engine) eq '' );
$enginestats{$engine} = $size;
$enginecount{$engine} = $count;
$result{'Engine'}{$engine}{'Table Number'} = $count;
@@ -2219,7 +2413,7 @@ sub check_storage_engines {
}
$result{'Tables'}{'Fragmented tables'} =
[ select_array
-"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME),DATA_FREE FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','performance_schema', 'mysql') AND DATA_LENGTH/1024/1024>100 AND DATA_FREE*100/(DATA_LENGTH+INDEX_LENGTH+DATA_FREE) > 10 AND NOT ENGINE='MEMORY' $not_innodb"
+"SELECT CONCAT(CONCAT(TABLE_SCHEMA, '.'), TABLE_NAME),cast(DATA_FREE as signed) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema', 'performance_schema', 'mysql') AND DATA_LENGTH/1024/1024>100 AND cast(DATA_FREE as signed)*100/(DATA_LENGTH+INDEX_LENGTH+cast(DATA_FREE as signed)) > 10 AND NOT ENGINE='MEMORY' $not_innodb"
];
$fragtables = scalar @{ $result{'Tables'}{'Fragmented tables'} };
@@ -2253,11 +2447,12 @@ sub check_storage_engines {
# Parse through the table list to generate storage engine counts/statistics
$fragtables = 0;
foreach my $tbl (@tblist) {
- debugprint "Data dump " . Dumper(@$tbl);
+
+ #debugprint "Data dump " . Dumper(@$tbl);
my ( $engine, $size, $datafree ) = @$tbl;
- next if $engine eq 'NULL';
- $size = 0 if $size eq 'NULL';
- $datafree = 0 if $datafree eq 'NULL';
+ next if $engine eq 'NULL' or not defined($engine);
+ $size = 0 if $size eq 'NULL' or not defined($size);
+ $datafree = 0 if $datafree eq 'NULL' or not defined($datafree);
if ( defined $enginestats{$engine} ) {
$enginestats{$engine} += $size;
$enginecount{$engine} += 1;
@@ -2392,6 +2587,7 @@ sub calculations {
$myvar{'read_rnd_buffer_size'} +
$myvar{'sort_buffer_size'} +
$myvar{'thread_stack'} +
+ $myvar{'max_allowed_packet'} +
$myvar{'join_buffer_size'};
}
else {
@@ -2550,9 +2746,12 @@ sub calculations {
my $size = 0;
$size += (split)[0]
for
-`find $myvar{'datadir'} -name "*.MYI" 2>&1 | xargs du -L $duflags 2>&1`;
+`find "$myvar{'datadir'}" -name "*.MYI" -print0 2>&1 | xargs $xargsflags -0 du -L $duflags 2>&1`;
$mycalc{'total_myisam_indexes'} = $size;
- $mycalc{'total_aria_indexes'} = 0;
+ $size = 0 + (split)[0]
+ for
+`find "$myvar{'datadir'}" -name "*.MAI" -print0 2>&1 | xargs $xargsflags -0 du -L $duflags 2>&1`;
+ $mycalc{'total_aria_indexes'} = $size;
}
elsif ( mysql_version_ge(5) ) {
$mycalc{'total_myisam_indexes'} = select_one
@@ -2560,20 +2759,10 @@ sub calculations {
$mycalc{'total_aria_indexes'} = select_one
"SELECT IFNULL(SUM(INDEX_LENGTH),0) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema') AND ENGINE = 'Aria';";
}
- if ( defined $mycalc{'total_myisam_indexes'}
- and $mycalc{'total_myisam_indexes'} == 0 )
- {
- $mycalc{'total_myisam_indexes'} = "fail";
- }
- elsif ( defined $mycalc{'total_myisam_indexes'} ) {
+ if ( defined $mycalc{'total_myisam_indexes'} ) {
chomp( $mycalc{'total_myisam_indexes'} );
}
- if ( defined $mycalc{'total_aria_indexes'}
- and $mycalc{'total_aria_indexes'} == 0 )
- {
- $mycalc{'total_aria_indexes'} = 1;
- }
- elsif ( defined $mycalc{'total_aria_indexes'} ) {
+ if ( defined $mycalc{'total_aria_indexes'} ) {
chomp( $mycalc{'total_aria_indexes'} );
}
@@ -2637,8 +2826,19 @@ sub calculations {
# Table cache
if ( $mystat{'Opened_tables'} > 0 ) {
- $mycalc{'table_cache_hit_rate'} =
- int( $mystat{'Open_tables'} * 100 / $mystat{'Opened_tables'} );
+ if ( not defined( $mystat{'Table_open_cache_hits'} ) ) {
+ $mycalc{'table_cache_hit_rate'} =
+ int( $mystat{'Open_tables'} * 100 / $mystat{'Opened_tables'} );
+ }
+ else {
+ $mycalc{'table_cache_hit_rate'} = int(
+ $mystat{'Table_open_cache_hits'} * 100 / (
+ $mystat{'Table_open_cache_hits'} +
+ $mystat{'Table_open_cache_misses'}
+ )
+ );
+ }
+
}
else {
$mycalc{'table_cache_hit_rate'} = 100;
@@ -2698,12 +2898,20 @@ sub calculations {
}
# InnoDB
+ $myvar{'innodb_log_files_in_group'} = 1
+ unless defined( $myvar{'innodb_log_files_in_group'} );
+ $myvar{"innodb_buffer_pool_instances"} = 1
+ unless defined( $myvar{'innodb_buffer_pool_instances'} );
if ( $myvar{'have_innodb'} eq "YES" ) {
$mycalc{'innodb_log_size_pct'} =
( $myvar{'innodb_log_file_size'} *
$myvar{'innodb_log_files_in_group'} * 100 /
$myvar{'innodb_buffer_pool_size'} );
}
+ if ( !defined $myvar{'innodb_buffer_pool_size'} ) {
+ $mycalc{'innodb_log_size_pct'} = 0;
+ $myvar{'innodb_buffer_pool_size'} = 0;
+ }
# InnoDB Buffer pool read cache efficiency
(
@@ -2958,12 +3166,24 @@ sub mysql_stats {
infoprint
"Skipped name resolution test due to missing skip_name_resolve in system variables.";
}
+ #Cpanel and Skip name resolve
+ elsif ( -r "/usr/local/cpanel/cpanel" ){
+ if ( $result{'Variables'}{'skip_name_resolve'} ne 'OFF') {
+ infoprint "CPanel and Flex system skip-name-resolve should be on";
+ }
+ if ( $result{'Variables'}{'skip_name_resolve'} eq 'OFF') {
+ badprint "CPanel and Flex system skip-name-resolve should be on";
+ push (@generalrec, "name resolution is enabled due to cPanel doesn't support this disabled.");
+ push (@adjvars, "skip-name-resolve=0");
+ }
+ }
elsif ( $result{'Variables'}{'skip_name_resolve'} eq 'OFF' ) {
badprint
-"name resolution is active : a reverse name resolution is made for each new connection and can reduce performance";
+"Name resolution is active: a reverse name resolution is made for each new connection and can reduce performance";
push( @generalrec,
"Configure your accounts with ip or subnets only, then update your configuration with skip-name-resolve=1"
);
+ push (@adjvars, "skip-name-resolve=1");
}
# Query cache
@@ -2978,8 +3198,8 @@ sub mysql_stats {
#return;
}
- elsif ( $myvar{'query_cache_size'} < 1
- and $myvar{'query_cache_type'} eq "OFF" )
+ elsif ($myvar{'query_cache_size'} < 1
+ or $myvar{'query_cache_type'} eq "OFF" )
{
goodprint
"Query cache is disabled by default due to mutex contention on multiprocessor machines.";
@@ -3075,8 +3295,12 @@ sub mysql_stats {
"join_buffer_size (> "
. hr_bytes( $myvar{'join_buffer_size'} )
. ", or always use indexes with JOINs)" );
- push( @generalrec,
- "Adjust your join queries to always utilize indexes" );
+ push(
+ @generalrec,
+"We will suggest raising the 'join_buffer_size' until JOINs not using indexes are found.
+ See https://dev.mysql.com/doc/internals/en/join-buffer-size.html
+ (specially the conclusions at the bottom of the page)."
+ );
}
else {
goodprint "No joins without indexes";
@@ -3139,13 +3363,13 @@ sub mysql_stats {
}
# Thread cache
- if ( defined( $myvar{'thread_handling'} )
- and $myvar{'thread_handling'} eq 'pool-of-threads' )
+ if ( defined( $myvar{'have_threadpool'} )
+ and $myvar{'have_threadpool'} eq 'YES' )
{
- # https://www.percona.com/doc/percona-server/LATEST/performance/threadpool.html
- # When thread pool is enabled, the value of the thread_cache_size variable
- # is ignored. The Threads_cached status variable contains 0 in this case.
- infoprint "Thread cache not used with thread_handling=pool-of-threads";
+# https://www.percona.com/doc/percona-server/5.7/performance/threadpool.html#status-variables
+# When thread pool is enabled, the value of the thread_cache_size variable
+# is ignored. The Threads_cached status variable contains 0 in this case.
+ infoprint "Thread cache not used with thread pool enabled";
}
else {
if ( $myvar{'thread_cache_size'} eq 0 ) {
@@ -3180,11 +3404,25 @@ sub mysql_stats {
my $table_cache_var = "";
if ( $mystat{'Open_tables'} > 0 ) {
if ( $mycalc{'table_cache_hit_rate'} < 20 ) {
- badprint "Table cache hit rate: $mycalc{'table_cache_hit_rate'}% ("
- . hr_num( $mystat{'Open_tables'} )
- . " open / "
- . hr_num( $mystat{'Opened_tables'} )
- . " opened)";
+
+ unless ( defined( $mystat{'Table_open_cache_hits'} ) ) {
+ badprint
+ "Table cache hit rate: $mycalc{'table_cache_hit_rate'}% ("
+ . hr_num( $mystat{'Open_tables'} )
+ . " hits / "
+ . hr_num( $mystat{'Opened_tables'} )
+ . " requests)";
+ }
+ else {
+ badprint
+ "Table cache hit rate: $mycalc{'table_cache_hit_rate'}% ("
+ . hr_num( $mystat{'Table_open_cache_hits'} )
+ . " hits / "
+ . hr_num( $mystat{'Table_open_cache_hits'} +
+ $mystat{'Table_open_cache_misses'} )
+ . " requests)";
+ }
+
if ( mysql_version_ge( 5, 1 ) ) {
$table_cache_var = "table_open_cache";
}
@@ -3201,7 +3439,7 @@ sub mysql_stats {
push( @generalrec,
"Read this before increasing "
. $table_cache_var
- . " over 64: https://bit.ly/1mi7c4C" );
+ . " over 64: https://bit.ly/2Fulv7r" );
push( @generalrec,
"Read this before increasing for MariaDB"
. " https://mariadb.com/kb/en/library/optimizing-table_open_cache/"
@@ -3225,14 +3463,55 @@ sub mysql_stats {
. ")" );
}
else {
- goodprint "Table cache hit rate: $mycalc{'table_cache_hit_rate'}% ("
- . hr_num( $mystat{'Open_tables'} )
- . " open / "
- . hr_num( $mystat{'Opened_tables'} )
- . " opened)";
+ unless ( defined( $mystat{'Table_open_cache_hits'} ) ) {
+ goodprint
+ "Table cache hit rate: $mycalc{'table_cache_hit_rate'}% ("
+ . hr_num( $mystat{'Open_tables'} )
+ . " hits / "
+ . hr_num( $mystat{'Opened_tables'} )
+ . " requests)";
+ }
+ else {
+ goodprint
+ "Table cache hit rate: $mycalc{'table_cache_hit_rate'}% ("
+ . hr_num( $mystat{'Table_open_cache_hits'} )
+ . " hits / "
+ . hr_num( $mystat{'Table_open_cache_hits'} +
+ $mystat{'Table_open_cache_misses'} )
+ . " requests)";
+ }
}
}
+ # Table definition cache
+ my $nbtables = select_one('SELECT COUNT(*) FROM information_schema.tables');
+ $mycalc{'total_tables'} = $nbtables;
+ if ( defined $myvar{'table_definition_cache'} ) {
+ if ( $myvar{'table_definition_cache'} == -1 ) {
+ infoprint( "table_definition_cache("
+ . $myvar{'table_definition_cache'}
+ . ") is in autosizing mode" );
+ }
+ elsif ( $myvar{'table_definition_cache'} < $nbtables ) {
+ badprint "table_definition_cache ("
+ . $myvar{'table_definition_cache'}
+ . ") is less than number of tables ($nbtables) ";
+ push( @adjvars,
+ "table_definition_cache("
+ . $myvar{'table_definition_cache'} . ") > "
+ . $nbtables
+ . " or -1 (autosizing if supported)" );
+ }
+ else {
+ goodprint "table_definition_cache ("
+ . $myvar{'table_definition_cache'}
+ . ") is greater than number of tables ($nbtables)";
+ }
+ }
+ else {
+ infoprint "No table_definition_cache variable found.";
+ }
+
# Open files
if ( defined $mycalc{'pct_files_open'} ) {
if ( $mycalc{'pct_files_open'} > 85 ) {
@@ -3317,30 +3596,50 @@ sub mysql_stats {
# Recommendations for MyISAM
sub mysql_myisam {
subheaderprint "MyISAM Metrics";
- if (mysql_version_ge(8) and mysql_version_le(10) ) {
+ if ( mysql_version_ge(8) and mysql_version_le(10) ) {
infoprint "MyISAM Metrics are disabled on last MySQL versions.";
+ if ( $myvar{'key_buffer_size'} > 0) {
+ push( @adjvars, "key_buffer_size=0" );
+ push( @generalrec, "Buffer Key MyISAM set to 0, no MyISAM table detected" );
+ }
return;
}
+ my $nb_myisam_tables=select_one(
+"SELECT COUNT(*) FROM information_schema.TABLES WHERE ENGINE='MyISAM'"
+ );
+ if ( $nb_myisam_tables == 0 ) {
+ infoprint "No MyISAM table(s) detected ....";
+ return;
+ }
+
# Key buffer usage
- if ( defined( $mycalc{'pct_key_buffer_used'} ) ) {
+ if ( $mycalc{'pct_key_buffer_used'} > 0 ) {
if ( $mycalc{'pct_key_buffer_used'} < 90 ) {
badprint "Key buffer used: $mycalc{'pct_key_buffer_used'}% ("
- . hr_num( $myvar{'key_buffer_size'} *
- $mycalc{'pct_key_buffer_used'} /
- 100 )
+ . hr_bytes( $myvar{'key_buffer_size'} -
+ $mystat{'Key_blocks_unused'} *
+ $myvar{'key_cache_block_size'} )
. " used / "
- . hr_num( $myvar{'key_buffer_size'} )
+ . hr_bytes( $myvar{'key_buffer_size'} )
. " cache)";
-#push(@adjvars,"key_buffer_size (\~ ".hr_num( $myvar{'key_buffer_size'} * $mycalc{'pct_key_buffer_used'} / 100).")");
+ push(
+ @adjvars,
+ "key_buffer_size (\~ "
+ . hr_num(
+ $myvar{'key_buffer_size'} * $mycalc{'pct_key_buffer_used'}
+ / 100
+ )
+ . ")"
+ );
}
else {
goodprint "Key buffer used: $mycalc{'pct_key_buffer_used'}% ("
- . hr_num( $myvar{'key_buffer_size'} *
- $mycalc{'pct_key_buffer_used'} /
- 100 )
+ . hr_bytes( $myvar{'key_buffer_size'} -
+ $mystat{'Key_blocks_unused'} *
+ $myvar{'key_cache_block_size'} )
. " used / "
- . hr_num( $myvar{'key_buffer_size'} )
+ . hr_bytes( $myvar{'key_buffer_size'} )
. " cache)";
}
}
@@ -3348,26 +3647,17 @@ sub mysql_myisam {
# No queries have run that would use keys
debugprint "Key buffer used: $mycalc{'pct_key_buffer_used'}% ("
- . hr_num(
- $myvar{'key_buffer_size'} * $mycalc{'pct_key_buffer_used'} / 100 )
+ . hr_bytes( $myvar{'key_buffer_size'} -
+ $mystat{'Key_blocks_unused'} * $myvar{'key_cache_block_size'} )
. " used / "
- . hr_num( $myvar{'key_buffer_size'} )
+ . hr_bytes( $myvar{'key_buffer_size'} )
. " cache)";
}
# Key buffer
- if ( !defined( $mycalc{'total_myisam_indexes'} ) and $doremote == 1 ) {
+ if ( !defined( $mycalc{'total_myisam_indexes'} ) ) {
push( @generalrec,
- "Unable to calculate MyISAM indexes on remote MySQL server < 5.0.0"
- );
- }
- elsif ( $mycalc{'total_myisam_indexes'} =~ /^fail$/ ) {
- badprint
- "Cannot calculate MyISAM index size - re-run script as root user";
- }
- elsif ( $mycalc{'total_myisam_indexes'} == "0" ) {
- badprint
- "None of your MyISAM tables are indexed - add indexes immediately";
+ "Unable to calculate MyISAM index size on MySQL server < 5.0.0" );
}
else {
if ( $myvar{'key_buffer_size'} < $mycalc{'total_myisam_indexes'}
@@ -3446,7 +3736,7 @@ sub mysql_myisam {
sub mariadb_threadpool {
subheaderprint "ThreadPool Metrics";
- # AriaDB
+ # MariaDB
unless ( defined $myvar{'have_threadpool'}
&& $myvar{'have_threadpool'} eq "YES" )
{
@@ -3456,7 +3746,33 @@ sub mariadb_threadpool {
infoprint "ThreadPool stat is enabled.";
infoprint "Thread Pool Size: " . $myvar{'thread_pool_size'} . " thread(s).";
- if ( $myvar{'version'} =~ /mariadb|percona/i ) {
+ if ( $myvar{'version'} =~ /percona/i
+ or $myvar{'version_comment'} =~ /percona/i )
+ {
+ my $np = cpu_cores;
+ if ( $myvar{'thread_pool_size'} >= $np
+ and $myvar{'thread_pool_size'} < ( $np * 1.5 ) )
+ {
+ goodprint
+"thread_pool_size for Percona between 1 and 1.5 times number of CPUs ("
+ . $np . " and "
+ . ( $np * 1.5 ) . ")";
+ }
+ else {
+ badprint
+"thread_pool_size for Percona between 1 and 1.5 times number of CPUs ("
+ . $np . " and "
+ . ( $np * 1.5 ) . ")";
+ push( @adjvars,
+ "thread_pool_size between "
+ . $np . " and "
+ . ( $np * 1.5 )
+ . " for InnoDB usage" );
+ }
+ return;
+ }
+
+ if ( $myvar{'version'} =~ /mariadb/i ) {
infoprint "Using default value is good enough for your version ("
. $myvar{'version'} . ")";
return;
@@ -3520,52 +3836,50 @@ sub mysqsl_pfs {
# Performance Schema
$myvar{'performance_schema'} = 'OFF'
unless defined( $myvar{'performance_schema'} );
- unless ( $myvar{'performance_schema'} eq 'ON' ) {
- infoprint "Performance schema is disabled.";
- if ( mysql_version_ge( 5, 6 ) ) {
- push( @generalrec,
+ if ($myvar{'performance_schema'} eq 'OFF') {
+ badprint "Performance_schema should be activated.";
+ push( @adjvars, "performance_schema=ON" );
+ push( @generalrec,
"Performance schema should be activated for better diagnostics"
);
- push( @adjvars, "performance_schema = ON enable PFS" );
- }
+ }
+ if ( $myvar{'performance_schema'} eq 'ON' ) {
+ infoprint "Performance_schema is activated.";
+ debugprint "Performance schema is " . $myvar{'performance_schema'};
+ infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() );
}
- else {
- if ( mysql_version_le( 5, 5 ) ) {
- push( @generalrec,
-"Performance schema shouldn't be activated for MySQL and MariaDB 5.5 and lower version"
- );
- push( @adjvars, "performance_schema = OFF disable PFS" );
- }
- }
- debugprint "Performance schema is " . $myvar{'performance_schema'};
- infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() );
- if ( mysql_version_eq( 10, 0 ) ) {
- push( @generalrec,
-"Performance schema shouldn't be activated for MariaDB 10.0 for performance issue"
- );
- push( @adjvars, "performance_schema = OFF disable PFS" );
- return;
- }
unless ( grep /^sys$/, select_array("SHOW DATABASES") ) {
infoprint "Sys schema isn't installed.";
push( @generalrec,
"Consider installing Sys schema from https://github.com/mysql/mysql-sys for MySQL"
) unless ( mysql_version_le( 5, 6 ) );
push( @generalrec,
-"Consider installing Sys schema from https://github.com/good-dba/mariadb-sys for MariaDB"
- ) unless ( mysql_version_eq( 10, 0 ) or mysql_version_eq( 5, 5 ) );
+"Consider installing Sys schema from https://github.com/FromDual/mariadb-sys for MariaDB"
+ ) unless ( mysql_version_ge( 10, 0 ) );
return;
}
- else {
- infoprint "Sys schema is installed.";
- }
+ infoprint "Sys schema is installed.";
return if ( $opt{pfstat} == 0 or $myvar{'performance_schema'} ne 'ON' );
infoprint "Sys schema Version: "
. select_one("select sys_version from sys.version");
+ # Store all sys schema
+# for my $pfs_view(select_array('use sys;show tables;')){
+ #infoprint "$pfs_view"
+# @$result{'sys'}{$pfs_view}{'headers'}=[];
+# for my $h (select_array("select column_name FROM INFORMATION_SCHEMA.COLUMNS c
+# WHERE c.table_name = '$pfs_view' ORDER BY c.ORDINAL_POSITION")) {
+# push @$result{'sys'}{$pfs_view}{'headers'}, $h;
+# }
+# exit 1;
+# $result{'sys'}{$pfs_view}{'values'}=();
+# for my $lQuery (select_array("select * from sys.$pfs_view")) {
+# push $result{'sys'}{$pfs_view}{'values'}, $lQuery;
+# }
+# }
# Top user per connection
subheaderprint "Performance schema: Top 5 user per connection";
my $nbL = 1;
@@ -3672,7 +3986,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# Top user per io
- subheaderprint "Performance schema: Top 5 user per io";
+ subheaderprint "Performance schema: Top 5 user per IO";
$nbL = 1;
for my $lQuery (
select_array(
@@ -3687,7 +4001,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# Top user per io latency
- subheaderprint "Performance schema: Top 5 user per io latency";
+ subheaderprint "Performance schema: Top 5 user per IO latency";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4154,7 +4468,12 @@ sub mysqsl_pfs {
# Unused Indexes
subheaderprint "Performance schema: Unused indexes";
$nbL = 1;
- for my $lQuery ( select_array("select \* from sys.schema_unused_indexes where object_schema not in ('performance_schema')" )) {
+ for my $lQuery (
+ select_array(
+"select \* from sys.schema_unused_indexes where object_schema not in ('performance_schema')"
+ )
+ )
+ {
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
@@ -4177,7 +4496,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# Latest file IO by latency
- subheaderprint "Performance schema: Latest FILE IO by latency";
+ subheaderprint "Performance schema: Latest File IO by latency";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4192,7 +4511,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# FILE by IO read bytes
- subheaderprint "Performance schema: FILE by IO read bytes";
+ subheaderprint "Performance schema: File by IO read bytes";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4207,7 +4526,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# FILE by IO written bytes
- subheaderprint "Performance schema: FILE by IO written bytes";
+ subheaderprint "Performance schema: File by IO written bytes";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4222,7 +4541,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# file per IO total latency
- subheaderprint "Performance schema: file per IO total latency";
+ subheaderprint "Performance schema: File per IO total latency";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4358,7 +4677,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 most used index
- subheaderprint "Performance schema: TOP 15 most modified indexes";
+ subheaderprint "Performance schema: Top 15 most modified indexes";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4373,7 +4692,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high read latency index
- subheaderprint "Performance schema: TOP 15 high read latency index";
+ subheaderprint "Performance schema: Top 15 high read latency index";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4388,7 +4707,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high insert latency index
- subheaderprint "Performance schema: TOP 15 most modified indexes";
+ subheaderprint "Performance schema: Top 15 most modified indexes";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4403,7 +4722,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high update latency index
- subheaderprint "Performance schema: TOP 15 high update latency index";
+ subheaderprint "Performance schema: Top 15 high update latency index";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4418,7 +4737,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high delete latency index
- subheaderprint "Performance schema: TOP 15 high delete latency index";
+ subheaderprint "Performance schema: Top 15 high delete latency index";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4448,7 +4767,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 most used tables
- subheaderprint "Performance schema: TOP 15 most modified tables";
+ subheaderprint "Performance schema: Top 15 most modified tables";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4463,7 +4782,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high read latency tables
- subheaderprint "Performance schema: TOP 15 high read latency tables";
+ subheaderprint "Performance schema: Top 15 high read latency tables";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4478,7 +4797,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high insert latency tables
- subheaderprint "Performance schema: TOP 15 high insert latency tables";
+ subheaderprint "Performance schema: Top 15 high insert latency tables";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4493,7 +4812,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high update latency tables
- subheaderprint "Performance schema: TOP 15 high update latency tables";
+ subheaderprint "Performance schema: Top 15 high update latency tables";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4508,7 +4827,7 @@ sub mysqsl_pfs {
if ( $nbL == 1 );
# TOP 15 high delete latency tables
- subheaderprint "Performance schema: TOP 15 high delete latency tables";
+ subheaderprint "Performance schema: Top 15 high delete latency tables";
$nbL = 1;
for my $lQuery (
select_array(
@@ -4998,31 +5317,25 @@ sub mysqsl_pfs {
}
-# Recommendations for Ariadb
-sub mariadb_ariadb {
- subheaderprint "AriaDB Metrics";
+# Recommendations for Aria Engine
+sub mariadb_aria {
+ subheaderprint "Aria Metrics";
- # AriaDB
- unless ( defined $myvar{'have_aria'}
- and $myvar{'have_aria'} eq "YES" )
- {
- infoprint "AriaDB is disabled.";
+ # Aria
+ if ( !defined $myvar{'have_aria'} ) {
+ infoprint "Aria Storage Engine not available.";
return;
}
- infoprint "AriaDB is enabled.";
+ if ( $myvar{'have_aria'} ne "YES" ) {
+ infoprint "Aria Storage Engine is disabled.";
+ return;
+ }
+ infoprint "Aria Storage Engine is enabled.";
# Aria pagecache
- if ( !defined( $mycalc{'total_aria_indexes'} ) and $doremote == 1 ) {
+ if ( !defined( $mycalc{'total_aria_indexes'} ) ) {
push( @generalrec,
- "Unable to calculate Aria indexes on remote MySQL server < 5.0.0" );
- }
- elsif ( $mycalc{'total_aria_indexes'} =~ /^fail$/ ) {
- badprint
- "Cannot calculate Aria index size - re-run script as root user";
- }
- elsif ( $mycalc{'total_aria_indexes'} == "0" ) {
- badprint
- "None of your Aria tables are indexed - add indexes immediately";
+ "Unable to calculate Aria index size on MySQL server" );
}
else {
if (
@@ -5165,7 +5478,8 @@ sub get_wsrep_options {
push @galera_options, ' wsrep_slave_threads = ' . $wsrep_slave_threads;
@galera_options = remove_cr @galera_options;
@galera_options = remove_empty @galera_options;
- debugprint Dumper( \@galera_options );
+
+ #debugprint Dumper( \@galera_options );
return @galera_options;
}
@@ -5239,6 +5553,7 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
infoprint "CPU core detected : " . (cpu_cores);
infoprint "wsrep_slave_threads: " . get_wsrep_option('wsrep_slave_threads');
+
if ( get_wsrep_option('wsrep_slave_threads') > ( (cpu_cores) * 4 )
or get_wsrep_option('wsrep_slave_threads') < ( (cpu_cores) * 2 ) )
{
@@ -5251,16 +5566,6 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
"wsrep_slave_threads is equal to 2, 3 or 4 times number of CPU(s)";
}
- if ( get_wsrep_option('gcs.fc_limit') !=
- get_wsrep_option('wsrep_slave_threads') * 5 )
- {
- badprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads";
- push @adjvars, "gcs.fc_limit= wsrep_slave_threads * 5";
- }
- else {
- goodprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads";
- }
-
if ( get_wsrep_option('wsrep_slave_threads') > 1 ) {
infoprint
"wsrep parallel slave can cause frequent inconsistency crash.";
@@ -5285,15 +5590,19 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
if ( get_wsrep_option('gcs.fc_limit') != $myvar{'wsrep_slave_threads'} * 5 )
{
- badprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads";
- push @adjvars, "gcs.fc_limit= wsrep_slave_threads * 5";
+ badprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads (="
+ . ( $myvar{'wsrep_slave_threads'} * 5 ) . ")";
+ push @adjvars, "gcs.fc_limit= wsrep_slave_threads * 5 (="
+ . ( $myvar{'wsrep_slave_threads'} * 5 ) . ")";
}
else {
- goodprint "gcs.fc_limit is equal to 5 * wsrep_slave_threads";
+ goodprint "gcs.fc_limit is equal to 5 * wsrep_slave_threads ( ="
+ . get_wsrep_option('gcs.fc_limit') . ")";
}
if ( get_wsrep_option('gcs.fc_factor') != 0.8 ) {
- badprint "gcs.fc_factor should be equal to 0.8";
+ badprint "gcs.fc_factor should be equal to 0.8 (="
+ . get_wsrep_option('gcs.fc_factor') . ")";
push @adjvars, "gcs.fc_factor=0.8";
}
else {
@@ -5502,7 +5811,8 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
debugprint "WSREP: $key = $mystat{$key}";
}
}
- debugprint Dumper get_wsrep_options();
+
+ #debugprint Dumper get_wsrep_options();
}
# Recommendations for InnoDB
@@ -5511,21 +5821,31 @@ sub mysql_innodb {
# InnoDB
unless ( defined $myvar{'have_innodb'}
- && $myvar{'have_innodb'} eq "YES"
- && defined $enginestats{'InnoDB'} )
+ && $myvar{'have_innodb'} eq "YES" )
{
- if ( $opt{skipsize} eq 1 ) {
- infoprint "Skipped due to --skipsize option";
- return;
- }
infoprint "InnoDB is disabled.";
if ( mysql_version_ge( 5, 5 ) ) {
+ my $defengine = 'InnoDB';
+ $defengine = $myvar{'default_storage_engine'}
+ if defined( $myvar{'default_storage_engine'} );
badprint
-"InnoDB Storage engine is disabled. InnoDB is the default storage engine";
+"InnoDB Storage engine is disabled. $defengine is the default storage engine"
+ if $defengine eq 'InnoDB';
+ infoprint
+"InnoDB Storage engine is disabled. $defengine is the default storage engine"
+ if $defengine ne 'InnoDB';
}
return;
}
infoprint "InnoDB is enabled.";
+ if ( !defined $enginestats{'InnoDB'} ) {
+ if ( $opt{skipsize} eq 1 ) {
+ infoprint "Skipped due to --skipsize option";
+ return;
+ }
+ badprint "No tables are Innodb";
+ $enginestats{'InnoDB'} = 0;
+ }
if ( $opt{buffers} ne 0 ) {
infoprint "InnoDB Buffers";
@@ -5608,7 +5928,7 @@ sub mysql_innodb {
or $mycalc{'innodb_log_size_pct'} > 30 )
{
badprint "Ratio InnoDB log file size / InnoDB Buffer pool size ("
- . $mycalc{'innodb_log_size_pct'} . " %): "
+ . $mycalc{'innodb_log_size_pct'} . "%): "
. hr_bytes( $myvar{'innodb_log_file_size'} ) . " * "
. $myvar{'innodb_log_files_in_group'} . "/"
. hr_bytes( $myvar{'innodb_buffer_pool_size'} )
@@ -5620,8 +5940,13 @@ sub mysql_innodb {
$myvar{'innodb_buffer_pool_size'} /
$myvar{'innodb_log_files_in_group'} / 4
)
- . ") if possible, so InnoDB total log files size equals to 25% of buffer pool size."
+ . ") if possible, so InnoDB total log files size equals 25% of buffer pool size."
);
+ if ( mysql_version_le( 5, 6, 2 ) ) {
+ push( @generalrec,
+"For MySQL 5.6.2 and lower, Max combined innodb_log_file_size should have a ceiling of (4096MB / log files in group) - 1MB."
+ );
+ }
push( @generalrec,
"Before changing innodb_log_file_size and/or innodb_log_files_in_group read this: https://bit.ly/2TcGgtU"
);
@@ -5635,7 +5960,9 @@ sub mysql_innodb {
}
# InnoDB Buffer Pool Instances (MySQL 5.6.6+)
- if ( defined( $myvar{'innodb_buffer_pool_instances'} ) ) {
+ if ( not mysql_version_ge( 10, 4 )
+ and defined( $myvar{'innodb_buffer_pool_instances'} ) )
+ {
# Bad Value if > 64
if ( $myvar{'innodb_buffer_pool_instances'} > 64 ) {
@@ -5691,7 +6018,7 @@ sub mysql_innodb {
"InnoDB Buffer Pool Chunk Size not used or defined in your version";
}
else {
- infoprint "Number of InnoDB Buffer Pool Chunk : "
+ infoprint "Number of InnoDB Buffer Pool Chunk: "
. int( $myvar{'innodb_buffer_pool_size'} ) /
int( $myvar{'innodb_buffer_pool_chunk_size'} ) . " for "
. $myvar{'innodb_buffer_pool_instances'}
@@ -5763,8 +6090,20 @@ sub mysql_innodb {
}
# InnoDB Log Waits
- if ( defined $mystat{'Innodb_log_waits'}
- && $mystat{'Innodb_log_waits'} > 0 )
+ $mystat{'Innodb_log_waits_computed'} = 0;
+
+ if ( defined( $mystat{'Innodb_log_waits'} )
+ and defined( $mystat{'Innodb_log_writes'} ) )
+ {
+ $mystat{'Innodb_log_waits_computed'} =
+ $mystat{'Innodb_log_waits'} / $mystat{'Innodb_log_writes'};
+ }
+ else {
+ undef $mystat{'Innodb_log_waits_computed'};
+ }
+
+ if ( defined $mystat{'Innodb_log_waits_computed'}
+ && $mystat{'Innodb_log_waits_computed'} > 0.000001 )
{
badprint "InnoDB log waits: "
. percentage( $mystat{'Innodb_log_waits'},
@@ -5775,7 +6114,7 @@ sub mysql_innodb {
. $mystat{'Innodb_log_writes'}
. " writes)";
push( @adjvars,
- "innodb_log_buffer_size (>= "
+ "innodb_log_buffer_size (> "
. hr_bytes_rnd( $myvar{'innodb_log_buffer_size'} )
. ")" );
}
@@ -5821,8 +6160,8 @@ sub mysql_databases {
return;
}
- my @dblist = select_array(
-"SELECT DISTINCT TABLE_SCHEMA FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
+ @dblist = select_array(
+"SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
);
infoprint "There is " . scalar(@dblist) . " Database(s).";
my @totaldbinfo = split /\s/,
@@ -5831,7 +6170,34 @@ sub mysql_databases {
);
infoprint "All User Databases:";
infoprint " +-- TABLE : "
- . ( $totaldbinfo[4] eq 'NULL' ? 0 : $totaldbinfo[4] ) . "";
+ . select_one(
+"SELECT count(*) from information_schema.TABLES WHERE TABLE_TYPE ='BASE TABLE' AND TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' )"
+ ) . "";
+ infoprint " +-- VIEW : "
+ . select_one(
+"SELECT count(*) from information_schema.TABLES WHERE TABLE_TYPE ='VIEW' AND TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' )"
+ ) . "";
+ infoprint " +-- INDEX : "
+ . select_one(
+"SELECT count(distinct(concat(TABLE_NAME, TABLE_SCHEMA, INDEX_NAME))) from information_schema.STATISTICS WHERE TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' )"
+ ) . "";
+
+ infoprint " +-- CHARS : "
+ . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " ("
+ . (
+ join ", ",
+ select_array(
+"select distinct(CHARACTER_SET_NAME) from information_schema.columns WHERE CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
+ )
+ ) . ")";
+ infoprint " +-- COLLA : "
+ . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " ("
+ . (
+ join ", ",
+ select_array(
+"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_COLLATION IS NOT NULL AND TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
+ )
+ ) . ")";
infoprint " +-- ROWS : "
. ( $totaldbinfo[0] eq 'NULL' ? 0 : $totaldbinfo[0] ) . "";
infoprint " +-- DATA : "
@@ -5841,18 +6207,13 @@ sub mysql_databases {
. hr_bytes( $totaldbinfo[2] ) . "("
. percentage( $totaldbinfo[2], $totaldbinfo[3] ) . "%)";
infoprint " +-- SIZE : " . hr_bytes( $totaldbinfo[3] ) . "";
- infoprint " +-- COLLA : "
- . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " ("
- . (
- join ", ",
- select_array(
- "SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES;")
- ) . ")";
- infoprint " +-- ENGIN : "
+ infoprint " +-- ENGINE: "
. ( $totaldbinfo[6] eq 'NULL' ? 0 : $totaldbinfo[6] ) . " ("
. (
join ", ",
- select_array("SELECT DISTINCT(ENGINE) FROM information_schema.TABLES;")
+ select_array(
+"SELECT DISTINCT(ENGINE) FROM information_schema.TABLES WHERE ENGINE IS NOT NULL AND TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
+ )
) . ")";
$result{'Databases'}{'All databases'}{'Rows'} =
@@ -5873,41 +6234,75 @@ sub mysql_databases {
);
next unless defined $dbinfo[0];
infoprint "Database: " . $dbinfo[0] . "";
- infoprint " +-- TABLE: "
- . ( !defined( $dbinfo[6] ) or $dbinfo[6] eq 'NULL' ? 0 : $dbinfo[6] )
- . "";
- infoprint " +-- COLL : "
+ infoprint " +-- TABLE : "
+ . select_one(
+"SELECT count(*) from information_schema.TABLES WHERE TABLE_TYPE ='BASE TABLE' AND TABLE_SCHEMA='$_'"
+ ) . "";
+ infoprint " +-- VIEW : "
+ . select_one(
+"SELECT count(*) from information_schema.TABLES WHERE TABLE_TYPE ='VIEW' AND TABLE_SCHEMA='$_'"
+ ) . "";
+ infoprint " +-- INDEX : "
+ . select_one(
+"SELECT count(distinct(concat(TABLE_NAME, TABLE_SCHEMA, INDEX_NAME))) from information_schema.STATISTICS WHERE TABLE_SCHEMA='$_'"
+ ) . "";
+ infoprint " +-- CHARS : "
+ . ( $totaldbinfo[5] eq 'NULL' ? 0 : $totaldbinfo[5] ) . " ("
+ . (
+ join ", ",
+ select_array(
+"select distinct(CHARACTER_SET_NAME) from information_schema.columns WHERE CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA='$_';"
+ )
+ ) . ")";
+ infoprint " +-- COLLA : "
. ( $dbinfo[7] eq 'NULL' ? 0 : $dbinfo[7] ) . " ("
. (
join ", ",
select_array(
-"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';"
+"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' AND TABLE_COLLATION IS NOT NULL;"
)
) . ")";
- infoprint " +-- ROWS : "
+ infoprint " +-- ROWS : "
. ( !defined( $dbinfo[1] ) or $dbinfo[1] eq 'NULL' ? 0 : $dbinfo[1] )
. "";
- infoprint " +-- DATA : "
+ infoprint " +-- DATA : "
. hr_bytes( $dbinfo[2] ) . "("
. percentage( $dbinfo[2], $dbinfo[4] ) . "%)";
- infoprint " +-- INDEX: "
+ infoprint " +-- INDEX : "
. hr_bytes( $dbinfo[3] ) . "("
. percentage( $dbinfo[3], $dbinfo[4] ) . "%)";
- infoprint " +-- TOTAL: " . hr_bytes( $dbinfo[4] ) . "";
- infoprint " +-- ENGIN : "
+ infoprint " +-- TOTAL : " . hr_bytes( $dbinfo[4] ) . "";
+ infoprint " +-- ENGINE: "
. ( $dbinfo[8] eq 'NULL' ? 0 : $dbinfo[8] ) . " ("
. (
join ", ",
select_array(
-"SELECT DISTINCT(ENGINE) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_'"
+"SELECT DISTINCT(ENGINE) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' AND ENGINE IS NOT NULL"
)
) . ")";
+
+ foreach my $eng (
+ select_array(
+"SELECT DISTINCT(ENGINE) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' AND ENGINE IS NOT NULL"
+ )
+ )
+ {
+ infoprint " +-- ENGINE $eng : "
+ . select_one(
+"SELECT COUNT(*) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$dbinfo[0]' AND ENGINE='$eng'"
+ ) . " TABLE(s)";
+ }
badprint "Index size is larger than data size for $dbinfo[0] \n"
if ( $dbinfo[2] ne 'NULL' )
and ( $dbinfo[3] ne 'NULL' )
and ( $dbinfo[2] < $dbinfo[3] );
- badprint "There are " . $dbinfo[5] . " storage engines. Be careful. \n"
- if $dbinfo[5] > 1;
+ unless ( $dbinfo[5] == 1 ) {
+ badprint "There are "
+ . $dbinfo[5]
+ . " storage engines. Be careful. \n";
+ push @generalrec,
+"Select one storage engine (InnoDB is a good choice) for all tables in $dbinfo[0] database ($dbinfo[5] engines detected)";
+ }
$result{'Databases'}{ $dbinfo[0] }{'Rows'} = $dbinfo[1];
$result{'Databases'}{ $dbinfo[0] }{'Tables'} = $dbinfo[6];
$result{'Databases'}{ $dbinfo[0] }{'Collations'} = $dbinfo[7];
@@ -5948,7 +6343,7 @@ sub mysql_databases {
}
my @distinct_column_charset = select_array(
-"select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"
+"select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_' AND CHARACTER_SET_NAME IS NOT NULL"
);
infoprint "Charsets for $dbinfo[0] database table column: "
. join( ', ', @distinct_column_charset );
@@ -5966,7 +6361,7 @@ sub mysql_databases {
}
my @distinct_column_collation = select_array(
-"select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"
+"select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_' AND COLLATION_NAME IS NOT NULL"
);
infoprint "Collations for $dbinfo[0] database table column: "
. join( ', ', @distinct_column_collation );
@@ -5983,7 +6378,6 @@ sub mysql_databases {
. " table column(s) has same collation defined for all text like column(s).";
}
}
-
}
# Recommendations for database columns
@@ -5996,13 +6390,14 @@ sub mysql_tables {
"Skip Database metrics from information schema missing in this version";
return;
}
- if (mysql_version_ge(8) and not mysql_version_eq(10)) {
- infoprint "MySQL and Percona version 8 and greater have remove PROCEDURE ANALYSE feature"
+ if ( mysql_version_ge(8) and not mysql_version_eq(10) ) {
+ infoprint
+"MySQL and Percona version 8 and greater have remove PROCEDURE ANALYSE feature";
+ $opt{colstat} = 0;
+ infoprint "Disabling colstat parameter";
+
}
- my @dblist = select_array(
-"SELECT DISTINCT TABLE_SCHEMA FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
- );
- foreach (@dblist) {
+ foreach ( select_user_dbs() ) {
my $dbname = $_;
next unless defined $_;
infoprint "Database: " . $_ . "";
@@ -6012,6 +6407,34 @@ sub mysql_tables {
foreach (@dbtable) {
my $tbname = $_;
infoprint " +-- TABLE: $tbname";
+ infoprint " +-- TYPE: "
+ . select_one(
+"SELECT ENGINE FROM information_schema.tables where TABLE_schema='$dbname' AND TABLE_NAME='$tbname'"
+ );
+
+ my $selIdxReq = <<"ENDSQL";
+ SELECT index_name AS idxname,
+ GROUP_CONCAT(column_name ORDER BY seq_in_index) AS cols,
+ INDEX_TYPE as type
+ FROM information_schema.statistics
+ WHERE INDEX_SCHEMA='$dbname'
+ AND TABLE_NAME='$tbname'
+ GROUP BY idxname, type
+ENDSQL
+ my @tbidx = select_array($selIdxReq);
+ my $found = 0;
+ foreach my $idx (@tbidx) {
+ my @info = split /\s/, $idx;
+ next if $info[0] eq 'NULL';
+ infoprint
+ " +-- Index $info[0] - Cols: $info[1] - Type: $info[2]";
+ $found++;
+ }
+ if ( $found == 0 ) {
+ badprint("Table $dbname.$tbname has no index defined");
+ push @generalrec,
+ "Add at least a primary key on table $dbname.$tbname";
+ }
my @tbcol = select_array(
"SELECT COLUMN_NAME FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='$dbname' AND TABLE_NAME='$tbname'"
);
@@ -6023,38 +6446,45 @@ sub mysql_tables {
"SELECT IS_NULLABLE FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='$dbname' AND TABLE_NAME='$tbname' AND COLUMN_NAME='$_' "
);
- infoprint " +-- Column $tbname.$_:";
my $current_type =
- uc($ctype) . ( $isnull eq 'NO' ? " NOT NULL" : "" );
- my $optimal_type='';
- $optimal_type = select_str_g( "Optimal_fieldtype",
+ uc($ctype) . ( $isnull eq 'NO' ? " NOT NULL" : " NULL" );
+ my $optimal_type = '';
+ infoprint " +-- Column $tbname.$_: $current_type";
+ if ( $opt{colstat} == 1 ) {
+ $optimal_type = select_str_g( "Optimal_fieldtype",
"SELECT \\`$_\\` FROM \\`$dbname\\`.\\`$tbname\\` PROCEDURE ANALYSE(100000)"
- ) unless (mysql_version_ge(8) and not mysql_version_eq(10));
+ )
+ unless ( mysql_version_ge(8)
+ and not mysql_version_eq(10) );
+ }
if ( $optimal_type eq '' ) {
- infoprint " Current Fieldtype: $current_type";
+
+ #infoprint " +-- Current Fieldtype: $current_type";
+
#infoprint " Optimal Fieldtype: Not available";
}
- elsif ( $current_type ne $optimal_type and $current_type !~ /.*DATETIME.*/ and $current_type !~ /.*TIMESTAMP.*/) {
- infoprint " Current Fieldtype: $current_type";
- if ($optimal_type =~ /.*ENUM\(.*/ ) {
- $optimal_type ="ENUM( ... )";
+ elsif ( $current_type ne $optimal_type
+ and $current_type !~ /.*DATETIME.*/
+ and $current_type !~ /.*TIMESTAMP.*/ )
+ {
+ infoprint " +-- Current Fieldtype: $current_type";
+ if ( $optimal_type =~ /.*ENUM\(.*/ ) {
+ $optimal_type = "ENUM( ... )";
}
- infoprint " Optimal Fieldtype: $optimal_type ";
- if ($optimal_type !~ /.*ENUM\(.*/ ) {
+ infoprint " +-- Optimal Fieldtype: $optimal_type ";
+ if ( $optimal_type !~ /.*ENUM\(.*/ ) {
badprint
"Consider changing type for column $_ in table $dbname.$tbname";
- push( @generalrec,
+ push( @generalrec,
"ALTER TABLE \`$dbname\`.\`$tbname\` MODIFY \`$_\` $optimal_type;"
- );
- }
-
+ );
+ }
}
else {
goodprint "$dbname.$tbname ($_) type: $current_type";
}
}
}
-
}
}
@@ -6076,8 +6506,8 @@ sub mysql_indexes {
# }
my $selIdxReq = <<'ENDSQL';
SELECT
- CONCAT(CONCAT(t.TABLE_SCHEMA, '.'),t.TABLE_NAME) AS 'table'
- , CONCAT(CONCAT(CONCAT(s.INDEX_NAME, '('),s.COLUMN_NAME), ')') AS 'index'
+ CONCAT(t.TABLE_SCHEMA, '.',t.TABLE_NAME) AS 'table',
+ CONCAT(s.INDEX_NAME, '(',s.COLUMN_NAME, ')') AS 'index'
, s.SEQ_IN_INDEX AS 'seq'
, s2.max_columns AS 'maxcol'
, s.CARDINALITY AS 'card'
@@ -6135,13 +6565,40 @@ ENDSQL
badprint "$info[1] has a low selectivity";
}
}
-
+ infoprint "Indexes per database:";
+ foreach my $dbname ( select_user_dbs() ) {
+ infoprint "Database: " . $dbname . "";
+ $selIdxReq = <<"ENDSQL";
+ SELECT concat(table_name,'.', index_name) AS idxname,
+ GROUP_CONCAT(column_name ORDER BY seq_in_index) AS cols,
+ SUM(CARDINALITY) as card,
+ INDEX_TYPE as type
+ FROM information_schema.statistics
+ WHERE INDEX_SCHEMA='$dbname'
+ AND index_name IS NOT NULL
+ GROUP BY table_name, idxname, type
+ENDSQL
+ my $found = 0;
+ foreach my $idxinfo ( select_array($selIdxReq) ) {
+ my @info = split /\s/, $idxinfo;
+ next if $info[0] eq 'NULL';
+ infoprint " +-- INDEX : " . $info[0];
+ infoprint " +-- COLUMNS : " . $info[1];
+ infoprint " +-- CARDINALITY: " . $info[2];
+ infoprint " +-- TYPE : " . $info[4] if defined $info[4];
+ infoprint " +-- COMMENT : " . $info[5] if defined $info[5];
+ $found++;
+ }
+ badprint "No index found for $dbname database" if $found == 0;
+ push @generalrec, "Add indexes on tables from $dbname database"
+ if $found == 0;
+ }
return
unless ( defined( $myvar{'performance_schema'} )
and $myvar{'performance_schema'} eq 'ON' );
$selIdxReq = <<'ENDSQL';
-SELECT CONCAT(CONCAT(object_schema,'.'),object_name) AS 'table', index_name
+SELECT CONCAT(object_schema,'.',object_name) AS 'table', index_name
FROM performance_schema.table_io_waits_summary_by_index_usage
WHERE index_name IS NOT NULL
AND count_star =0
@@ -6161,10 +6618,37 @@ ENDSQL
}
}
+sub mysql_views() {
+ subheaderprint "Views Metrics";
+ unless ( mysql_version_ge( 5, 5 ) ) {
+ infoprint
+ "Skip Index metrics from information schema missing in this version";
+ return;
+ }
+}
+
+sub mysql_routines() {
+ subheaderprint "Routines Metrics";
+ unless ( mysql_version_ge( 5, 5 ) ) {
+ infoprint
+ "Skip Index metrics from information schema missing in this version";
+ return;
+ }
+}
+
+sub mysql_triggers() {
+ subheaderprint "Triggers Metrics";
+ unless ( mysql_version_ge( 5, 5 ) ) {
+ infoprint
+ "Skip Index metrics from information schema missing in this version";
+ return;
+ }
+}
+
# Take the two recommendation arrays and display them at the end of the output
sub make_recommendations {
$result{'Recommendations'} = \@generalrec;
- $result{'Adjust variables'} = \@adjvars;
+ $result{'AdjustVariables'} = \@adjvars;
subheaderprint "Recommendations";
if ( @generalrec > 0 ) {
prettyprint "General recommendations:";
@@ -6190,8 +6674,10 @@ sub close_outputfile {
sub headerprint {
prettyprint
- " >> MySQLTuner $tunerversion - Major Hayden <major\@mhtx.net>\n"
- . " >> Bug reports, feature requests, and downloads at http://mysqltuner.com/\n"
+ " >> MySQLTuner $tunerversion\n"
+ . "\t * Jean-Marie Renouard <jmrenouard\@gmail.com>\n"
+ . "\t * Major Hayden <major\@mhtx.net>\n"
+ . " >> Bug reports, feature requests, and downloads at http://mysqltuner.pl/\n"
. " >> Run with '--help' for additional options and output filtering";
}
@@ -6247,7 +6733,8 @@ END_TEMPLATE
}
sub dump_result {
- debugprint Dumper( \%result ) if ( $opt{'debug'} );
+
+ #debugprint Dumper( \%result ) if ( $opt{'debug'} );
debugprint "HTML REPORT: $opt{'reportfile'}";
if ( $opt{'reportfile'} ne 0 ) {
@@ -6328,41 +6815,44 @@ debugprint "MySQL FINAL Client : $mysqlcmd $mysqllogin";
debugprint "MySQL Admin FINAL Client : $mysqladmincmd $mysqllogin";
#exit(0);
-os_setup; # Set up some OS variables
-get_all_vars; # Toss variables/status into hashes
-get_tuning_info; # Get information about the tuning connexion
-validate_mysql_version; # Check current MySQL version
-
-check_architecture; # Suggest 64-bit upgrade
-system_recommendations; # avoid to many service on the same host
-log_file_recommendations; # check log file content
-check_storage_engines; # Show enabled storage engines
-
-check_metadata_perf; # Show parameter impacting performance during analysis
-mysql_databases; # Show informations about databases
-mysql_tables; # Show informations about table column
-
-mysql_indexes; # Show informations about indexes
-security_recommendations; # Display some security recommendations
-cve_recommendations; # Display related CVE
-calculations; # Calculate everything we need
-mysql_stats; # Print the server stats
-mysqsl_pfs; # Print Performance schema info
-mariadb_threadpool; # Print MariaDB ThreadPool stats
-mysql_myisam; # Print MyISAM stats
-mysql_innodb; # Print InnoDB stats
-mariadb_ariadb; # Print MariaDB AriaDB stats
-mariadb_tokudb; # Print MariaDB Tokudb stats
-mariadb_xtradb; # Print MariaDB XtraDB stats
-
-#mariadb_rockdb; # Print MariaDB RockDB stats
-#mariadb_spider; # Print MariaDB Spider stats
-#mariadb_connect; # Print MariaDB Connect stats
-mariadb_galera; # Print MariaDB Galera Cluster stats
-get_replication_status; # Print replication info
-make_recommendations; # Make recommendations based on stats
-dump_result; # Dump result if debug is on
-close_outputfile; # Close reportfile if needed
+os_setup; # Set up some OS variables
+get_all_vars; # Toss variables/status into hashes
+get_tuning_info; # Get information about the tuning connexion
+validate_mysql_version; # Check current MySQL version
+
+check_architecture; # Suggest 64-bit upgrade
+system_recommendations; # avoid to many service on the same host
+log_file_recommendations; # check log file content
+check_storage_engines; # Show enabled storage engines
+
+check_metadata_perf; # Show parameter impacting performance during analysis
+mysql_databases; # Show informations about databases
+mysql_tables; # Show informations about table column
+
+mysql_indexes; # Show informations about indexes
+mysql_views; # Show informations about views
+mysql_triggers; # Show informations about triggers
+mysql_routines; # Show informations about routines
+security_recommendations; # Display some security recommendations
+cve_recommendations; # Display related CVE
+calculations; # Calculate everything we need
+mysql_stats; # Print the server stats
+mysqsl_pfs; # Print Performance schema info
+mariadb_threadpool; # Print MariaDB ThreadPool stats
+mysql_myisam; # Print MyISAM stats
+mysql_innodb; # Print InnoDB stats
+mariadb_aria; # Print MariaDB Aria stats
+mariadb_tokudb; # Print MariaDB Tokudb stats
+mariadb_xtradb; # Print MariaDB XtraDB stats
+
+#mariadb_rockdb; # Print MariaDB RockDB stats
+#mariadb_spider; # Print MariaDB Spider stats
+#mariadb_connect; # Print MariaDB Connect stats
+mariadb_galera; # Print MariaDB Galera Cluster stats
+get_replication_status; # Print replication info
+make_recommendations; # Make recommendations based on stats
+dump_result; # Dump result if debug is on
+close_outputfile; # Close reportfile if needed
# ---------------------------------------------------------------------------
# END 'MAIN'
@@ -6377,7 +6867,7 @@ __END__
=head1 NAME
- MySQLTuner 1.7.17 - MySQL High Performance Tuning Script
+ MySQLTuner 1.9.9 - MySQL High Performance Tuning Script
=head1 IMPORTANT USAGE GUIDELINES
@@ -6391,6 +6881,7 @@ You must provide the remote server's total memory when connecting to other serve
--host <hostname> Connect to a remote host to perform tests (default: localhost)
--socket <socket> Use a different socket for a local connection
--port <port> Port to use for connection (default: 3306)
+ --protocol tcp Force TCP connection instead of socket
--user <username> Username to use for authentication
--userenv <envvar> Name of env variable which contains username to use for authentication
--pass <password> Password to use for authentication
@@ -6399,46 +6890,51 @@ You must provide the remote server's total memory when connecting to other serve
--mysqladmin <path> Path to a custom mysqladmin executable
--mysqlcmd <path> Path to a custom mysql executable
--defaults-file <path> Path to a custom .my.cnf
+ --server-log <path> Path to explict log file (error_log)
=head1 PERFORMANCE AND REPORTING OPTIONS
--skipsize Don't enumerate tables and their types/sizes (default: on)
(Recommended for servers with many tables)
+ --json Print result as JSON string
+ --prettyjson Print result as JSON formatted string
--skippassword Don't perform checks on user passwords(default: off)
--checkversion Check for updates to MySQLTuner (default: don't check)
--updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)
--forcemem <size> Amount of RAM installed in megabytes
--forceswap <size> Amount of swap memory configured in megabytes
--passwordfile <path> Path to a password file list(one password by line)
+ --cvefile <path> CVE File for vulnerability checks
+ --outputfile <path> Path to a output txt file
+ --reportfile <path> Path to a report txt file
+ --template <path> Path to a template file
=head1 OUTPUT OPTIONS
--silent Don't output anything on screen
+ --verbose Prints out all options (default: no verbose, dbstat, idxstat, sysstat, tbstat, pfstat)
+ --nocolor Don't print output in color
--nogood Remove OK responses
--nobad Remove negative/suggestion responses
--noinfo Remove informational responses
--debug Print debug information
- --noprocess Consider no other process is running
+ --noprocess Consider no other process is running
--dbstat Print database information
--nodbstat Don't Print database information
--tbstat Print table information
--notbstat Don't Print table information
+ --colstat Print column information
+ --nocolstat Don't Print column information
--idxstat Print index information
--noidxstat Don't Print index information
--sysstat Print system information
--nosysstat Don't Print system information
--pfstat Print Performance schema
--nopfstat Don't Print Performance schema
- --verbose Prints out all options (default: no verbose, dbstat, idxstat, sysstat, tbstat, pfstat)
--bannedports Ports banned separated by comma(,)
+ --server-log Define specifi error_log to analyze
--maxportallowed Number of ports opened allowed on this hosts
- --cvefile <path> CVE File for vulnerability checks
- --nocolor Don't print output in color
- --json Print result as JSON string
--buffers Print global and per-thread buffer values
- --outputfile <path> Path to a output txt file
- --reportfile <path> Path to a report txt file
- --template <path> Path to a template file
=head1 PERLDOC
@@ -6602,7 +7098,7 @@ Christian Loos
=head1 SUPPORT
-Bug reports, feature requests, and downloads at http://mysqltuner.com/
+Bug reports, feature requests, and downloads at http://mysqltuner.pl/
Bug tracker can be found at https://github.com/major/MySQLTuner-perl/issues
@@ -6616,9 +7112,9 @@ L<https://github.com/major/MySQLTuner-perl>
=head1 COPYRIGHT AND LICENSE
-Copyright (C) 2006-2018 Major Hayden - major@mhtx.net
+Copyright (C) 2006-2022 Major Hayden - major@mhtx.net
-For the latest updates, please visit http://mysqltuner.com/
+For the latest updates, please visit http://mysqltuner.pl/
Git repository available at https://github.com/major/MySQLTuner-perl
diff --git a/mysqltuner.png b/mysqltuner.png
index f08327b..ca60e73 100644
Binary files a/mysqltuner.png and b/mysqltuner.png differ
diff --git a/renovate.json b/renovate.json
new file mode 100644
index 0000000..f45d8f1
--- /dev/null
+++ b/renovate.json
@@ -0,0 +1,5 @@
+{
+ "extends": [
+ "config:base"
+ ]
+}
diff --git a/templates/basic.html.j2 b/templates/basic.html.j2
new file mode 100644
index 0000000..ed15492
--- /dev/null
+++ b/templates/basic.html.j2
@@ -0,0 +1,223 @@
+<!doctype html>
+<html lang="en">
+ <head>
+ <!-- Required meta tags -->
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+
+ <!-- Bootstrap CSS -->
+ <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css">
+ <link href="https://fonts.googleapis.com/css2?family=Material+Icons" rel="stylesheet">
+ <script src="https://code.jquery.com/jquery-3.6.0.slim.min.js" integrity="sha256-u7e5khyithlIdTpu22PHhENmPcRdFiHRjhAuHcs05RI=" crossorigin="anonymous"></script>
+ <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script>
+ <script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/Chart.js"></script>
+ <link rel="stylesheet" href="https://unpkg.com/bootstrap-table@1.19.1/dist/bootstrap-table.min.css">
+<script src="https://unpkg.com/bootstrap-table@1.19.1/dist/bootstrap-table.min.js"></script>
+ <title>MySQL Tuner {{ MySQLTuner.version }} - {{ MySQLTuner.datetime | default(' ??? ') }}</title>
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+ </head>
+ <body>
+ <h1>MySQL Tuner {{ MySQLTuner.version }} - {{ MySQLTuner.datetime | default(' ??? ') }}</h1>
+
+<div class="d-flex align-items-start">
+ <div class="nav flex-column nav-pills me-3 justify-content-rigth" id="v-pills-tab" role="tablist" aria-orientation="vertical">
+ {% set sections = { "Recommendations": "bi bi-list-check", "Variables": "bi bi-list-check", "Status": "bi bi-list-check", "Calculations": "bi bi-list-check" } %}
+ {% for etab in sections %}
+ <button class="nav-link{% if loop.index == 1 %} active{% endif %}" id="v-pills-{{ etab }}-tab" data-bs-toggle="pill" data-bs-target="#v-pills-{{ etab }}" type="button" role="tab" aria-controls="v-pills-{{ etab }}" aria-selected="true"><i class="{{ sections[etab] }}"></i>{{ etab }}</button>
+ {% endfor %}
+ </div>
+ <div class="tab-content" id="v-pills-tabContent">
+ <div class="tab-pane fade show active" id="v-pills-Recommendations" role="tabpanel" aria-labelledby="v-pills-Recommendations-tab">
+ <h3><i class="bi bi-list-check"></i>Recommendations</h3>
+ <script>
+ function recFunction() {
+ var input, filter, table, tr, td, i, txtValue;
+ input = document.getElementById("recInput");
+ filter = input.value.toUpperCase();
+ table = document.getElementById("recTable");
+ tr = table.getElementsByTagName("tr");
+ for (i = 0; i < tr.length; i++) {
+ td = tr[i].getElementsByTagName("td")[1];
+ if (td) {
+ txtValue = td.textContent || td.innerText;
+ if (txtValue.toUpperCase().indexOf(filter) > -1) {
+ tr[i].style.display = "";
+ } else {
+ tr[i].style.display = "none";
+ }
+ }
+ }
+ }
+ </script>
+ <table class="table" id="recTable">
+ <thead>
+ <tr>
+ <th scope="col">#</th>
+ <th scope="col">Recommandations <input type="text" id="recInput" onkeyup="recFunction()" placeholder="Search for names.." title="Type in a name"\></th>
+ </tr>
+ </thead>
+ <tbody class="results">{% for result in Recommendations %}
+ <tr>
+ <td> {{ loop.index }}</td>
+ <td> {{ result }}</td>
+ </tr>{% endfor %}
+ </tbody>
+ </table>
+ </div>
+
+ <div class="tab-pane fade" id="v-pills-Variables" role="tabpanel" aria-labelledby="v-pills-Variables-tab">
+ <h3><i class="bi bi-list-check"></i>System variables</h3>
+ <ul>
+ <li><a href="https://dev.mysql.com/doc/refman/5.7/en/server-system-variables.html" target="_blank">MySQL 5.7 system variables</a></li>
+ <li><a href="https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html" target="_blank">MySQL 8.0 system variables</a></li>
+ <li><a href="https://mariadb.com/kb/en/server-system-variables" target="_blank">MariaDB system variables</a></li>
+ </ul>
+ <script>
+ function sysFunction() {
+ var input, filter, table, tr, td, i, txtValue;
+ input = document.getElementById("sysInput");
+ filter = input.value.toUpperCase();
+ table = document.getElementById("sysTable");
+ tr = table.getElementsByTagName("tr");
+ for (i = 0; i < tr.length; i++) {
+ td = tr[i].getElementsByTagName("td")[1];
+ if (td) {
+ txtValue = td.textContent || td.innerText;
+ if (txtValue.toUpperCase().indexOf(filter) > -1) {
+ tr[i].style.display = "";
+ } else {
+ tr[i].style.display = "none";
+ }
+ }
+ }
+ }
+ </script>
+ <table class="table" id="sysTable">
+ <thead>
+ <tr>
+ <th scope="col">#</th>
+ <th scope="col">Variable <input type="text" id="sysInput" onkeyup="sysFunction()" placeholder="Search for names.." title="Type in a name"\></th>
+ <th scope="col">Value</th>
+ </tr>
+ </thead>
+ <tbody>{% for vari in Variables %}
+ <tr>
+ <td> {{ loop.index }}</td>
+ <td> {{ vari }}</td>
+ <td>
+ <ul>
+ {% if Variables[vari] is string %}
+ {% for v in Variables[vari].split(',') %}
+ <li>{% if v == '' %}NOT DEFINED{% else %}{{ v }}{% endif %}</li>
+ {% endfor %}
+ {% else %}
+ <li>{{ Variables[vari] }}</li>
+ {% endif %}
+ </ul>
+ </td>
+ </tr>{% endfor %}
+ </tbody>
+ </table>
+ </div>
+ <div class="tab-pane fade" id="v-pills-Status" role="tabpanel" aria-labelledby="v-pills-Status-tab">
+ <h3><i class="bi bi-list-check"></i>Status Variables</h3>
+ <ul>
+ <li><a href="https://dev.mysql.com/doc/refman/5.7/en/server-status-variables.html" target="_blank">MySQL 5.7 Server status</a></li>
+ <li><a href="https://dev.mysql.com/doc/refman/8.0/en/server-status-variables.html" target="_blank">MySQL 8.0 Server status</a></li>
+ <li><a href="https://mariadb.com/kb/en/server-status-variables/" target="_blank">MariaDB Server status</a></li>
+ </ul>
+ <script>
+ function statFunction() {
+ var input, filter, table, tr, td, i, txtValue;
+ input = document.getElementById("statInput");
+ filter = input.value.toUpperCase();
+ table = document.getElementById("statTable");
+ tr = table.getElementsByTagName("tr");
+ for (i = 0; i < tr.length; i++) {
+ td = tr[i].getElementsByTagName("td")[1];
+ if (td) {
+ txtValue = td.textContent || td.innerText;
+ if (txtValue.toUpperCase().indexOf(filter) > -1) {
+ tr[i].style.display = "";
+ } else {
+ tr[i].style.display = "none";
+ }
+ }
+ }
+ }
+ </script>
+ <table class="table" id="statTable">
+ <thead>
+ <tr>
+ <th scope="col">#</th>
+ <th scope="col">Variable de status <input type="text" id="statInput" onkeyup="statFunction()" placeholder="Search for names.." title="Type in a name"\></th>
+ <th scope="col">Value</th>
+ </tr>
+ </thead>
+ <tbody>{% for vari in Status %}
+ <tr>
+ <td> {{ loop.index }}</td>
+ <td> {{ vari }}</td>
+ <td>
+ <ul>
+ {% if Status[vari] is string %}
+ {% for v in Status[vari].split(',') %}
+ <li>{% if v == '' %}NOT DEFINED{% else %}{{ v }}{% endif %}</li>
+ {% endfor %}
+ {% else %}
+ <li>{{ Status[vari] }}</li>
+ {% endif %}
+ </ul>
+ </td>
+
+ </tr>{% endfor %}
+ </tbody>
+ </table>
+ </div>
+ <div class="tab-pane fade" id="v-pills-Calculations" role="tabpanel" aria-labelledby="v-pills-Calculations-tab">
+ <h3><i class="bi bi-list-check"></i>Calculated variables</h3>
+ <script>
+ function calcFunction() {
+ var input, filter, table, tr, td, i, txtValue;
+ input = document.getElementById("calcInput");
+ filter = input.value.toUpperCase();
+ table = document.getElementById("calcTable");
+ tr = table.getElementsByTagName("tr");
+ for (i = 0; i < tr.length; i++) {
+ td = tr[i].getElementsByTagName("td")[1];
+ if (td) {
+ txtValue = td.textContent || td.innerText;
+ if (txtValue.toUpperCase().indexOf(filter) > -1) {
+ tr[i].style.display = "";
+ } else {
+ tr[i].style.display = "none";
+ }
+ }
+ }
+ }
+ </script>
+ <table class="table" id="calcTable">
+ <thead>
+ <tr>
+ <th scope="col">#</th>
+ <th scope="col">Calculated variables <input type="text" id="calcInput" onkeyup="calcFunction()" placeholder="Search for names.." title="Type in a name"\></th>
+ <th scope="col">Value</th>
+ </tr>
+ </thead>
+ <tbody>{% for vari in Calculations %}
+ <tr>
+ <td> {{ loop.index }}</td>
+ <td> {{ vari }}</td>
+ <td> {{ Calculations[vari] }}</td>
+ </tr>{% endfor %}
+ </tbody>
+ </table>
+ </div>
+ </div>
+</div>
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/vulnerabilities.csv b/vulnerabilities.csv
index d383fdd..1596eae 100755
--- a/vulnerabilities.csv
+++ b/vulnerabilities.csv
@@ -1,869 +1,1464 @@
-4.0.20;4;0;20;CVE-2004-0457;Candidate;"The mysqlhotcopy script in mysql 4.0.20 and earlier; when using the scp method from the mysql-server package; allows local users to overwrite arbitrary files via a symlink attack on temporary files.";"DEBIAN:DSA-540 | URL:http://www.debian.org/security/2004/dsa-540 | CONFIRM:http://packages.debian.org/changelogs/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.20-11/changelog | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | OVAL:oval:org.mitre.oval:def:10693 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10693 | XF:mysql-mysqlhotcopy-insecure-file(17030) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17030";Assigned (20040506);"None (candidate not yet proposed)";
-4.0.20;4;0;20;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17047";Assigned (20040908);"None (candidate not yet proposed)";
-3.23.48;3;23;48;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17047";Assigned (20040908);"None (candidate not yet proposed)";
-4.1.9;4;1;9;CVE-2005-0799;Candidate;"MySQL 4.1.9; and possibly earlier versions; allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.";"BUGTRAQ:20050315 Denial of Service Vulnerability in MySQL Server for Windows | URL:http://marc.info/?l=bugtraq&m=111091250923281&w=2 | CONFIRM:http://bugs.mysql.com/bug.php?id=9148 | SECUNIA:14564 | URL:http://secunia.com/advisories/14564";Assigned (20050320);"None (candidate not yet proposed)";
-4.1.20;4;1;20;CVE-2006-3469;Candidate;"Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function; which is later used in a formatted print call to display the error message.";"MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 | MISC:http://bugs.mysql.com/bug.php?id=20729 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html | CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 | APPLE:APPLE-SA-2007-03-13 | URL:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | DEBIAN:DSA-1112 | URL:http://www.debian.org/security/2006/dsa-1112 | GENTOO:GLSA-200608-09 | URL:http://security.gentoo.org/glsa/glsa-200608-09.xml | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | UBUNTU:USN-321-1 | URL:http://www.ubuntu.com/usn/usn-321-1 | CERT:TA07-072A | URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html | BID:19032 | URL:http://www.securityfocus.com/bid/19032 | OVAL:oval:org.mitre.oval:def:9827 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9827 | VUPEN:ADV-2007-0930 | URL:http://www.vupen.com/english/advisories/2007/0930 | SECUNIA:21147 | URL:http://secunia.com/advisories/21147 | SECUNIA:21366 | URL:http://secunia.com/advisories/21366 | SECUNIA:24479 | URL:http://secunia.com/advisories/24479 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226";Assigned (20060710);"None (candidate not yet proposed)";
-4.1.22;4;1;22;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.41;5;0;41;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.1.17;5;1;17;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.44;5;0;44;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.39;5;0;39;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.1.17;5;1;17;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.44;5;0;44;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.44;5;0;44;CVE-2007-3780;Candidate;"MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=28984 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2007:0875 | URL:http://www.redhat.com/support/errata/RHSA-2007-0875.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:36732 | URL:http://osvdb.org/36732 | OVAL:oval:org.mitre.oval:def:11058 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11058 | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | SECTRACK:1018629 | URL:http://www.securitytracker.com/id?1018629 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26621 | URL:http://secunia.com/advisories/26621 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.44;5;0;44;CVE-2007-3781;Candidate;"MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement; which allows remote authenticated users to obtain sensitive information such as the table structure.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=25578 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:37783 | URL:http://osvdb.org/37783 | OVAL:oval:org.mitre.oval:def:9195 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9195 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.44;5;0;44;CVE-2007-3782;Candidate;"MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://bugs.mysql.com/bug.php?id=27878 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OVAL:oval:org.mitre.oval:def:10563 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10563 | SECTRACK:1018663 | URL:http://securitytracker.com/id?1018663 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.50;5;0;50;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.1.22;5;1;22;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-6.0.3;6;0;3;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.0.50;5;0;50;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.22;5;1;22;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";
-6.0.3;6;0;3;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";
-5.0.50;5;0;50;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.22;5;1;22;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";
-6.0.3;6;0;3;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.22;5;1;22;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
-6.0.3;6;0;3;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
-5.0.65;5;0;65;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";
-5.1.25;5;1;25;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";
-6.0.5;6;0;5;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";
-5.0.87;5;0;87;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
-5.1.40;5;1;40;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
-1.9.8;1;9;8;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.89;5;0;89;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.1.42;5;1;42;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.5.-1;5;5;-1;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.50;5;0;50;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
-37.1.0;37;1;0;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
-5.1.49;5;1;49;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
-5.1.47;5;1;47;CVE-2010-2008;Candidate;"MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot); .. (dot dot); ../ (dot dot slash) or similar sequence; and an UPGRADE DATA DIRECTORY NAME command; which causes MySQL to move certain directories to the server data directory.";"CONFIRM:http://bugs.mysql.com/bug.php?id=53804 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html | FEDORA:FEDORA-2010-11135 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html | MANDRIVA:MDVSA-2010:155 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:41198 | URL:http://www.securityfocus.com/bid/41198 | OVAL:oval:org.mitre.oval:def:11869 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869 | SECTRACK:1024160 | URL:http://www.securitytracker.com/id?1024160 | SECUNIA:40333 | URL:http://secunia.com/advisories/40333 | SECUNIA:40762 | URL:http://secunia.com/advisories/40762 | VUPEN:ADV-2010-1918 | URL:http://www.vupen.com/english/advisories/2010/1918";Assigned (20100521);"None (candidate not yet proposed)";
-5.0.91;5;0;91;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.5;5;5;5;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.91;5;0;91;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.5;5;5;5;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64843";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.5;5;5;5;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64843";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.91;5;0;91;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.5;5;5;5;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.91;5;0;91;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.5;5;5;5;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.91;5;0;91;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.5;5;5;5;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2010-3840;Candidate;"The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.";"MISC:http://lists.mysql.com/commits/117094 | CONFIRM:http://bugs.mysql.com/bug.php?id=51875 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640865 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0824 | URL:http://www.redhat.com/support/errata/RHSA-2010-0824.html | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-gislinestringinitfromwkb-dos(64838) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64838";Assigned (20101007);"None (candidate not yet proposed)";
-0.9.3;0;9;3;CVE-2011-0432;Candidate;"Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.";"CONFIRM:http://code.google.com/p/pywebdav/updates/list | CONFIRM:http://pywebdav.googlecode.com/files/PyWebDAV-0.9.4.1.tar.gz | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=677718 | DEBIAN:DSA-2177 | URL:http://www.debian.org/security/2011/dsa-2177 | FEDORA:FEDORA-2011-2427 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055444.html | FEDORA:FEDORA-2011-2460 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055412.html | FEDORA:FEDORA-2011-2470 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055413.html | BID:46655 | URL:http://www.securityfocus.com/bid/46655 | SECUNIA:43571 | URL:http://secunia.com/advisories/43571 | SECUNIA:43602 | URL:http://secunia.com/advisories/43602 | SECUNIA:43703 | URL:http://secunia.com/advisories/43703 | VUPEN:ADV-2011-0553 | URL:http://www.vupen.com/english/advisories/2011/0553 | VUPEN:ADV-2011-0554 | URL:http://www.vupen.com/english/advisories/2011/0554 | VUPEN:ADV-2011-0634 | URL:http://www.vupen.com/english/advisories/2011/0634";Assigned (20110112);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77061";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77061";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16792 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16792 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16792 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16792 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17266 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17266 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-0578;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16947 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16947 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.60;5;1;60;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53061 | URL:http://www.securityfocus.com/bid/53061 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.19;5;5;19;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53061 | URL:http://www.securityfocus.com/bid/53061 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77065";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.22;5;5;22;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77065";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.19;5;5;19;CVE-2012-1696;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53071 | URL:http://www.securityfocus.com/bid/53071 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1697;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53064 | URL:http://www.securityfocus.com/bid/53064 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77064";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77064";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1735;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54549 | URL:http://www.securityfocus.com/bid/54549 | OSVDB:83975 | URL:http://osvdb.org/83975 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-serveroptimizer-dos(77060) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77060";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54524 | URL:http://www.securityfocus.com/bid/54524 | OSVDB:83978 | URL:http://osvdb.org/83978 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-server1-dos(77063) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77063";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54526 | URL:http://www.securityfocus.com/bid/54526 | OSVDB:83977 | URL:http://osvdb.org/83977 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-innodb1-dos(77062) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77062";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-97.15.14;97;15;14;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3144;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-server-cve20123144-dos(79387) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79387";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3147;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-cve20123147(79384) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79384";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3149;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-info-disc(79390) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79390";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-opt-dos(79388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79388";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-opt-dos(79388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79388";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-3156;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-protocol-cve20123158(79382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79382";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-protocol-cve20123158(79382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79382";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.65;5;1;65;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79394";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79394";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79381";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79381";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.63;5;1;63;CVE-2012-3166;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-3166;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.63;5;1;63;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79392";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79392";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.63;5;1;63;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-innodbplugin-dos(79386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79386";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-innodbplugin-dos(79386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79386";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.65;5;1;65;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-server-dos(79383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79383";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-server-dos(79383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79383";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.65;5;1;65;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-optimize-dos(79389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79389";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-optimize-dos(79389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79389";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79393";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79393";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.2.11;5;2;11;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.3.6;5;3;6;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.5.24;5;5;24;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.1.65;5;1;65;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120921);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120921);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-5096;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16877 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16877 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120922);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0367;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17077 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17077 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0368;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17255 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17255 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0371;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16451 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16451 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17175 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17175 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.28;5;1;28;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17175 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17175 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16758 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16758 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16758 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16758 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16632 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16632 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16267 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16267 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16267 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16267 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0386;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16835 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16835 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.6.9;5;6;9;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.1.67;5;1;67;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.1.67;5;1;67;CVE-2013-1521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2013-1521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2013-1523;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-1523;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2013-1526;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-1531;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-1531;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.1.63;5;1;63;CVE-2013-1548;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.1.67;5;1;67;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.3.12;5;3;12;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.2.14;5;2;14;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.1.67;5;1;67;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.1.68;5;1;68;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-2381;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.1.68;5;1;68;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.1.68;5;1;68;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3783;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61210 | URL:http://www.securityfocus.com/bid/61210 | OSVDB:95332 | URL:http://osvdb.org/95332 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133783(85719) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85719";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85710";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85710";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3795;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61241 | URL:http://www.securityfocus.com/bid/61241 | OSVDB:95324 | URL:http://osvdb.org/95324";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3796;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61233 | URL:http://www.securityfocus.com/bid/61233 | OSVDB:95329 | URL:http://osvdb.org/95329";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3798;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61274 | URL:http://www.securityfocus.com/bid/61274 | OSVDB:95321 | URL:http://osvdb.org/95321";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.69;5;1;69;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.69;5;1;69;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3806;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3811.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95326 | URL:http://osvdb.org/95326 | XF:oracle-cpujuly2013-cve20133806(85713) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85713";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3807;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95334 | URL:http://osvdb.org/95334 | XF:oracle-cpujuly2013-cve20133807(85721) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85721";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.68;5;1;68;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85709";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85709";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3810;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95337 | URL:http://osvdb.org/95337 | XF:oracle-cpujuly2013-cve20133810(85724) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85724";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3811;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3806.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95335 | URL:http://osvdb.org/95335 | XF:oracle-cpujuly2013-cve20133811(85722) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85722";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85723";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85723";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.70;5;1;70;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.32;5;5;32;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5767;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63113 | URL:http://www.securityfocus.com/bid/63113 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-5770;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63119 | URL:http://www.securityfocus.com/bid/63119 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5793.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63107 | URL:http://www.securityfocus.com/bid/63107 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5786.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63116 | URL:http://www.securityfocus.com/bid/63116 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.32;5;5;32;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63105 | URL:http://www.securityfocus.com/bid/63105 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63105 | URL:http://www.securityfocus.com/bid/63105 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90373";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5881;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2014-0431.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64885 | URL:http://www.securityfocus.com/bid/64885 | OSVDB:102066 | URL:http://osvdb.org/102066 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135881(90377) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90377";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5882;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64854 | URL:http://www.securityfocus.com/bid/64854 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135882(90374) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90374";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5894;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64873 | URL:http://www.securityfocus.com/bid/64873 | OSVDB:102065 | URL:http://osvdb.org/102065 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135894(90376) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90376";Assigned (20130918);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | BID:65298 | URL:http://www.securityfocus.com/bid/65298 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714 | SECTRACK:1029708 | URL:http://www.securitytracker.com/id/1029708 | SECUNIA:52161 | URL:http://secunia.com/advisories/52161 | XF:mysql-cve20140001-bo(90901) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90901";Assigned (20131203);"None (candidate not yet proposed)";
-02.565.63;02;565;63;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | BID:65298 | URL:http://www.securityfocus.com/bid/65298 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714 | SECTRACK:1029708 | URL:http://www.securitytracker.com/id/1029708 | SECUNIA:52161 | URL:http://secunia.com/advisories/52161 | XF:mysql-cve20140001-bo(90901) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90901";Assigned (20131203);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90388";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90388";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0427;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64868 | URL:http://www.securityfocus.com/bid/64868 | OSVDB:102072 | URL:http://osvdb.org/102072 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140427(90383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90383";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0430;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64893 | URL:http://www.securityfocus.com/bid/64893 | OSVDB:102076 | URL:http://osvdb.org/102076 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140430(90387) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90387";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0431;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5881.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64897 | URL:http://www.securityfocus.com/bid/64897 | OSVDB:102073 | URL:http://osvdb.org/102073 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140431(90384) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90384";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0433;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64895 | URL:http://www.securityfocus.com/bid/64895 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140433(90375) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90375";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2434;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66872 | URL:http://www.securityfocus.com/bid/66872";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2435;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66853 | URL:http://www.securityfocus.com/bid/66853";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2442;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2444;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2450;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2451;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-2484;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRFTS.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68593 | URL:http://www.securityfocus.com/bid/68593 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144207(94624) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94624";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4214;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68607 | URL:http://www.securityfocus.com/bid/68607 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144214(94627) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94627";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4233;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68598 | URL:http://www.securityfocus.com/bid/68598 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144233(94625) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94625";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4238;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68587 | URL:http://www.securityfocus.com/bid/68587 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144238(94623) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94623";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4240;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68602 | URL:http://www.securityfocus.com/bid/68602 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144240(94626) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94626";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144243(94628) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94628";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144243(94628) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94628";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144258(94620) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94620";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144258(94620) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94620";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144260(94621) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94621";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144260(94621) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94621";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70525 | URL:http://www.securityfocus.com/bid/70525";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100191";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100191";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100185";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100185";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100184";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100184";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100190";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100186";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100186";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | BID:72223 | URL:http://www.securityfocus.com/bid/72223 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100188";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72191 | URL:http://www.securityfocus.com/bid/72191 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100183";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72191 | URL:http://www.securityfocus.com/bid/72191 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100183";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72217 | URL:http://www.securityfocus.com/bid/72217 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100187";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74085 | URL:http://www.securityfocus.com/bid/74085 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74081 | URL:http://www.securityfocus.com/bid/74081 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74112 | URL:http://www.securityfocus.com/bid/74112 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74112 | URL:http://www.securityfocus.com/bid/74112 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
-2.2.12;2;2;12;CVE-2015-1027;Candidate;"The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.";"CONFIRM:https://bugs.launchpad.net/percona-toolkit/+bug/1408375 | CONFIRM:https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/";Assigned (20150110);"None (candidate not yet proposed)";
-2.2.8;2;2;8;CVE-2015-1027;Candidate;"The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.";"CONFIRM:https://bugs.launchpad.net/percona-toolkit/+bug/1408375 | CONFIRM:https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/";Assigned (20150110);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74073 | URL:http://www.securityfocus.com/bid/74073 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74073 | URL:http://www.securityfocus.com/bid/74073 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74095 | URL:http://www.securityfocus.com/bid/74095 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74095 | URL:http://www.securityfocus.com/bid/74095 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74078 | URL:http://www.securityfocus.com/bid/74078 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74078 | URL:http://www.securityfocus.com/bid/74078 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75762 | URL:http://www.securityfocus.com/bid/75762 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75774 | URL:http://www.securityfocus.com/bid/75774 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75760 | URL:http://www.securityfocus.com/bid/75760 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75815 | URL:http://www.securityfocus.com/bid/75815 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75813 | URL:http://www.securityfocus.com/bid/75813 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
-5.7.2;5;7;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-6.1.2;6;1;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | BID:75785 | URL:http://www.securityfocus.com/bid/75785 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75770 | URL:http://www.securityfocus.com/bid/75770 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77232 | URL:http://www.securityfocus.com/bid/77232 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75844 | URL:http://www.securityfocus.com/bid/75844 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75753 | URL:http://www.securityfocus.com/bid/75753 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75835 | URL:http://www.securityfocus.com/bid/75835 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75781 | URL:http://www.securityfocus.com/bid/75781 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77213 | URL:http://www.securityfocus.com/bid/77213 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77171 | URL:http://www.securityfocus.com/bid/77171 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77171 | URL:http://www.securityfocus.com/bid/77171 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77216 | URL:http://www.securityfocus.com/bid/77216 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77165 | URL:http://www.securityfocus.com/bid/77165 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77165 | URL:http://www.securityfocus.com/bid/77165 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77222 | URL:http://www.securityfocus.com/bid/77222 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77222 | URL:http://www.securityfocus.com/bid/77222 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77134 | URL:http://www.securityfocus.com/bid/77134 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77196 | URL:http://www.securityfocus.com/bid/77196 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77196 | URL:http://www.securityfocus.com/bid/77196 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77237 | URL:http://www.securityfocus.com/bid/77237 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77237 | URL:http://www.securityfocus.com/bid/77237 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77228 | URL:http://www.securityfocus.com/bid/77228 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77228 | URL:http://www.securityfocus.com/bid/77228 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77170 | URL:http://www.securityfocus.com/bid/77170 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77190 | URL:http://www.securityfocus.com/bid/77190 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77190 | URL:http://www.securityfocus.com/bid/77190 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77145 | URL:http://www.securityfocus.com/bid/77145 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77145 | URL:http://www.securityfocus.com/bid/77145 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77137 | URL:http://www.securityfocus.com/bid/77137 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77137 | URL:http://www.securityfocus.com/bid/77137 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77147 | URL:http://www.securityfocus.com/bid/77147 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77187 | URL:http://www.securityfocus.com/bid/77187 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77187 | URL:http://www.securityfocus.com/bid/77187 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77132 | URL:http://www.securityfocus.com/bid/77132 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"EXPLOIT-DB:39867 | URL:https://www.exploit-db.com/exploits/39867/ | MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77208 | URL:http://www.securityfocus.com/bid/77208 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"EXPLOIT-DB:39867 | URL:https://www.exploit-db.com/exploits/39867/ | MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77208 | URL:http://www.securityfocus.com/bid/77208 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77140 | URL:http://www.securityfocus.com/bid/77140 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77140 | URL:http://www.securityfocus.com/bid/77140 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77231 | URL:http://www.securityfocus.com/bid/77231 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77136 | URL:http://www.securityfocus.com/bid/77136 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77219 | URL:http://www.securityfocus.com/bid/77219 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77143 | URL:http://www.securityfocus.com/bid/77143 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77234 | URL:http://www.securityfocus.com/bid/77234 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77153 | URL:http://www.securityfocus.com/bid/77153 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77153 | URL:http://www.securityfocus.com/bid/77153 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.27;5;6;27;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-2.17.0;2;17;0;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-10.0.21;10;0;21;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-2.21.1;2;21;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-5.4.42;5;4;42;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
-5.7.8;5;7;8;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
-5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
-10.0.22;10;0;22;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
-10.1.9;10;1;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
-3.16.0;3;16;0;CVE-2016-10550;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS If user input goes into the `limit` or `order` parameters; a malicious user can put in their own SQL statements. This affects sequelize 3.16.0 and earlier.";"MISC:https://github.com/sequelize/sequelize/pull/5167/commits/f282d85e60e3df5e57ecdb82adccb4eaef404f03 | MISC:https://nodesecurity.io/advisories/112";Assigned (20171029);"None (candidate not yet proposed)";
-2.1.3;2;1;3;CVE-2016-10553;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier.";"MISC:https://github.com/sequelize/sequelize/blob/master/changelog.md#300 | MISC:https://nodesecurity.io/advisories/109";Assigned (20171029);"None (candidate not yet proposed)";
-1.7.-1;1;7;-1;CVE-2016-10554;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3; sequelize defaulted SQLite to use MySQL backslash escaping; even though SQLite uses Postgres escaping.";"MISC:https://github.com/sequelize/sequelize/commit/c876192aa6ce1f67e22b26a4d175b8478615f42d | MISC:https://nodesecurity.io/advisories/113";Assigned (20171029);"None (candidate not yet proposed)";
-3.19.3;3;19;3;CVE-2016-10556;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres; SQLite; and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This causes potential SQL injection in sequelize 3.19.3 and earlier; where a malicious user could put `[""test""; ""'); DELETE TestTable WHERE Id = 1 --')""]` inside of ``` database.query('SELECT * FROM TestTable WHERE Name IN (:names)'; { replacements: { names: directCopyOfUserInput } }); ``` and cause the SQL statement to become `SELECT Id FROM Table WHERE Name IN ('test'; '\'); DELETE TestTable WHERE Id = 1 --')`. In Postgres; MSSQL; and SQLite; the backslash has no special meaning. This causes the the statement to delete whichever Id has a value of 1 in the TestTable table.";"MISC:https://github.com/sequelize/sequelize/issues/5671 | MISC:https://nodesecurity.io/advisories/102";Assigned (20171029);"None (candidate not yet proposed)";
-5.5.46;5;5;46;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
-10.0.22;10;0;22;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
-10.1.9;10;1;9;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
-5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
-5.6.28;5;6;28;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
-5.7.10;5;7;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91976 | URL:http://www.securityfocus.com/bid/91976 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91910 | URL:http://www.securityfocus.com/bid/91910 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.47;5;5;47;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.28;5;6;28;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.9;5;7;9;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.24;10;0;24;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.13;10;1;13;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.24;10;0;24;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.13;10;1;13;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"MISC:https://www.tenable.com/security/research/tra-2016-11 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";
-3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"MISC:https://www.tenable.com/security/research/tra-2016-11 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-3495;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93670 | URL:http://www.securityfocus.com/bid/93670 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91967 | URL:http://www.securityfocus.com/bid/91967 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91983 | URL:http://www.securityfocus.com/bid/91983 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91906 | URL:http://www.securityfocus.com/bid/91906 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91917 | URL:http://www.securityfocus.com/bid/91917 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91915 | URL:http://www.securityfocus.com/bid/91915 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91974 | URL:http://www.securityfocus.com/bid/91974 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91963 | URL:http://www.securityfocus.com/bid/91963 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.47;5;5;47;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.28;5;6;28;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.10;5;7;10;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-10.0.24;10;0;24;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-10.1.13;10;1;13;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.52;5;5;52;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.33;5;6;33;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.15;5;7;15;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5625;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Packaging.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93617 | URL:http://www.securityfocus.com/bid/93617 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5628;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93662 | URL:http://www.securityfocus.com/bid/93662 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5631;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93684 | URL:http://www.securityfocus.com/bid/93684 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5632;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93693 | URL:http://www.securityfocus.com/bid/93693 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5633;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-8290.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93702 | URL:http://www.securityfocus.com/bid/93702 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5635;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93715 | URL:http://www.securityfocus.com/bid/93715 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-10.1.16;10;1;16;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-8.0.0;8;0;0;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-10.0.27;10;0;27;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-10.1.17;10;1;17;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | CONFIRM:https://www.tenable.com/security/tns-2016-19 | GENTOO:GLSA-201611-22 | URL:https://security.gentoo.org/glsa/201611-22 | REDHAT:RHSA-2018:1296 | URL:https://access.redhat.com/errata/RHSA-2018:1296 | BID:93005 | URL:http://www.securityfocus.com/bid/93005 | SECTRACK:1036836 | URL:http://www.securitytracker.com/id/1036836";Assigned (20160909);"None (candidate not yet proposed)";
-7.0.10;7;0;10;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | CONFIRM:https://www.tenable.com/security/tns-2016-19 | GENTOO:GLSA-201611-22 | URL:https://security.gentoo.org/glsa/201611-22 | REDHAT:RHSA-2018:1296 | URL:https://access.redhat.com/errata/RHSA-2018:1296 | BID:93005 | URL:http://www.securityfocus.com/bid/93005 | SECTRACK:1036836 | URL:http://www.securitytracker.com/id/1036836";Assigned (20160909);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-8286;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93745 | URL:http://www.securityfocus.com/bid/93745 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8287;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93727 | URL:http://www.securityfocus.com/bid/93727 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8289;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93720 | URL:http://www.securityfocus.com/bid/93720 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8290;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-5633.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93733 | URL:http://www.securityfocus.com/bid/93733 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | BID:95580 | URL:http://www.securityfocus.com/bid/95580 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | BID:95580 | URL:http://www.securityfocus.com/bid/95580 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95557 | URL:http://www.securityfocus.com/bid/95557 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95557 | URL:http://www.securityfocus.com/bid/95557 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101402 | URL:http://www.securityfocus.com/bid/101402 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101402 | URL:http://www.securityfocus.com/bid/101402 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10165;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101424 | URL:http://www.securityfocus.com/bid/101424 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10167;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101433 | URL:http://www.securityfocus.com/bid/101433 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10227;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101337 | URL:http://www.securityfocus.com/bid/101337 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10227;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101337 | URL:http://www.securityfocus.com/bid/101337 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.5.57;5;5;57;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101390 | URL:http://www.securityfocus.com/bid/101390 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101390 | URL:http://www.securityfocus.com/bid/101390 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101390 | URL:http://www.securityfocus.com/bid/101390 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101441 | URL:http://www.securityfocus.com/bid/101441 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101441 | URL:http://www.securityfocus.com/bid/101441 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-10279;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101316 | URL:http://www.securityfocus.com/bid/101316 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-10279;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101316 | URL:http://www.securityfocus.com/bid/101316 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101420 | URL:http://www.securityfocus.com/bid/101420 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101420 | URL:http://www.securityfocus.com/bid/101420 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-10284;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Stored Procedure). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101385 | URL:http://www.securityfocus.com/bid/101385 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10286;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101397 | URL:http://www.securityfocus.com/bid/101397 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10286;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101397 | URL:http://www.securityfocus.com/bid/101397 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10294;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101444 | URL:http://www.securityfocus.com/bid/101444 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10294;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101444 | URL:http://www.securityfocus.com/bid/101444 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-10296;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101373 | URL:http://www.securityfocus.com/bid/101373 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10311;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101446 | URL:http://www.securityfocus.com/bid/101446 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101448 | URL:http://www.securityfocus.com/bid/101448 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10314;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101314 | URL:http://www.securityfocus.com/bid/101314 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10314;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101314 | URL:http://www.securityfocus.com/bid/101314 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10320;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101410 | URL:http://www.securityfocus.com/bid/101410 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-10365;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101429 | URL:http://www.securityfocus.com/bid/101429 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.5.57;5;5;57;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101375 | URL:http://www.securityfocus.com/bid/101375 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101375 | URL:http://www.securityfocus.com/bid/101375 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101375 | URL:http://www.securityfocus.com/bid/101375 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.5.57;5;5;57;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101415 | URL:http://www.securityfocus.com/bid/101415 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101415 | URL:http://www.securityfocus.com/bid/101415 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101415 | URL:http://www.securityfocus.com/bid/101415 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.5.57;5;5;57;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101406 | URL:http://www.securityfocus.com/bid/101406 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.6.37;5;6;37;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101406 | URL:http://www.securityfocus.com/bid/101406 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:101406 | URL:http://www.securityfocus.com/bid/101406 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
-10.1.29;10;1;29;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
-10.2.9;10;2;9;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
-5.0.-1;5;0;-1;CVE-2017-16540;Candidate;"OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.";"MISC:http://www.open-emr.org/wiki/index.php/OpenEMR_Patches | MISC:https://isears.github.io/jekyll/update/2017/10/28/openemr-database-disclosure.html | BID:101983 | URL:http://www.securityfocus.com/bid/101983";Assigned (20171104);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95571 | URL:http://www.securityfocus.com/bid/95571 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95571 | URL:http://www.securityfocus.com/bid/95571 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95571 | URL:http://www.securityfocus.com/bid/95571 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3243;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95538 | URL:http://www.securityfocus.com/bid/95538 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95565 | URL:http://www.securityfocus.com/bid/95565 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95565 | URL:http://www.securityfocus.com/bid/95565 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95565 | URL:http://www.securityfocus.com/bid/95565 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3251;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95482 | URL:http://www.securityfocus.com/bid/95482 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3256;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95486 | URL:http://www.securityfocus.com/bid/95486 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95589 | URL:http://www.securityfocus.com/bid/95589 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95589 | URL:http://www.securityfocus.com/bid/95589 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95560 | URL:http://www.securityfocus.com/bid/95560 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95560 | URL:http://www.securityfocus.com/bid/95560 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95560 | URL:http://www.securityfocus.com/bid/95560 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95520 | URL:http://www.securityfocus.com/bid/95520 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95520 | URL:http://www.securityfocus.com/bid/95520 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95520 | URL:http://www.securityfocus.com/bid/95520 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95583 | URL:http://www.securityfocus.com/bid/95583 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95583 | URL:http://www.securityfocus.com/bid/95583 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95501 | URL:http://www.securityfocus.com/bid/95501 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95501 | URL:http://www.securityfocus.com/bid/95501 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95501 | URL:http://www.securityfocus.com/bid/95501 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.55;5;5;55;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client; aka; ""The Riddle"".";"MLIST:[oss-security] 20170317 CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure) | URL:http://www.openwall.com/lists/oss-security/2017/03/17/3 | MISC:http://riddle.link/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97023 | URL:http://www.securityfocus.com/bid/97023 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client; aka; ""The Riddle"".";"MLIST:[oss-security] 20170317 CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure) | URL:http://www.openwall.com/lists/oss-security/2017/03/17/3 | MISC:http://riddle.link/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97023 | URL:http://www.securityfocus.com/bid/97023 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-3.1.6;3;1;6;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-3.2.1182;3;2;1182;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-3.3.2;3;3;2;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-3.1.6;3;1;6;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-3.2.1182;3;2;1182;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-3.3.2;3;3;2;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97725 | URL:http://www.securityfocus.com/bid/97725 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97725 | URL:http://www.securityfocus.com/bid/97725 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97725 | URL:http://www.securityfocus.com/bid/97725 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97742 | URL:http://www.securityfocus.com/bid/97742 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97742 | URL:http://www.securityfocus.com/bid/97742 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97742 | URL:http://www.securityfocus.com/bid/97742 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95491 | URL:http://www.securityfocus.com/bid/95491 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95491 | URL:http://www.securityfocus.com/bid/95491 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95491 | URL:http://www.securityfocus.com/bid/95491 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95527 | URL:http://www.securityfocus.com/bid/95527 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95527 | URL:http://www.securityfocus.com/bid/95527 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95527 | URL:http://www.securityfocus.com/bid/95527 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95585 | URL:http://www.securityfocus.com/bid/95585 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95585 | URL:http://www.securityfocus.com/bid/95585 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95585 | URL:http://www.securityfocus.com/bid/95585 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.53;5;5;53;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95588 | URL:http://www.securityfocus.com/bid/95588 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.34;5;6;34;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95588 | URL:http://www.securityfocus.com/bid/95588 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95588 | URL:http://www.securityfocus.com/bid/95588 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3319;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95479 | URL:http://www.securityfocus.com/bid/95479 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3320;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95470 | URL:http://www.securityfocus.com/bid/95470 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | BID:97763 | URL:http://www.securityfocus.com/bid/97763 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | BID:97763 | URL:http://www.securityfocus.com/bid/97763 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | BID:97763 | URL:http://www.securityfocus.com/bid/97763 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97772 | URL:http://www.securityfocus.com/bid/97772 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97772 | URL:http://www.securityfocus.com/bid/97772 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97747 | URL:http://www.securityfocus.com/bid/97747 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97747 | URL:http://www.securityfocus.com/bid/97747 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3452;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97779 | URL:http://www.securityfocus.com/bid/97779 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97776 | URL:http://www.securityfocus.com/bid/97776 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97776 | URL:http://www.securityfocus.com/bid/97776 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97776 | URL:http://www.securityfocus.com/bid/97776 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3454;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97791 | URL:http://www.securityfocus.com/bid/97791 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3455;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97820 | URL:http://www.securityfocus.com/bid/97820 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97831 | URL:http://www.securityfocus.com/bid/97831 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97831 | URL:http://www.securityfocus.com/bid/97831 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97831 | URL:http://www.securityfocus.com/bid/97831 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3457;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97845 | URL:http://www.securityfocus.com/bid/97845 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3458;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97837 | URL:http://www.securityfocus.com/bid/97837 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3459;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97847 | URL:http://www.securityfocus.com/bid/97847 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3460;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97826 | URL:http://www.securityfocus.com/bid/97826 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97812 | URL:http://www.securityfocus.com/bid/97812 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97812 | URL:http://www.securityfocus.com/bid/97812 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97812 | URL:http://www.securityfocus.com/bid/97812 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97851 | URL:http://www.securityfocus.com/bid/97851 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97851 | URL:http://www.securityfocus.com/bid/97851 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97851 | URL:http://www.securityfocus.com/bid/97851 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97849 | URL:http://www.securityfocus.com/bid/97849 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97849 | URL:http://www.securityfocus.com/bid/97849 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97849 | URL:http://www.securityfocus.com/bid/97849 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97818 | URL:http://www.securityfocus.com/bid/97818 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97818 | URL:http://www.securityfocus.com/bid/97818 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97818 | URL:http://www.securityfocus.com/bid/97818 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3465;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97822 | URL:http://www.securityfocus.com/bid/97822 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3467;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97825 | URL:http://www.securityfocus.com/bid/97825 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3468;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97848 | URL:http://www.securityfocus.com/bid/97848 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3529;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99746 | URL:http://www.securityfocus.com/bid/99746 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"EXPLOIT-DB:41954 | URL:https://www.exploit-db.com/exploits/41954/ | MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97754 | URL:http://www.securityfocus.com/bid/97754 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"EXPLOIT-DB:41954 | URL:https://www.exploit-db.com/exploits/41954/ | MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97754 | URL:http://www.securityfocus.com/bid/97754 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.54;5;5;54;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:97765 | URL:http://www.securityfocus.com/bid/97765 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.35;5;6;35;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:97765 | URL:http://www.securityfocus.com/bid/97765 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.17;5;7;17;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:97765 | URL:http://www.securityfocus.com/bid/97765 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3633;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99722 | URL:http://www.securityfocus.com/bid/99722 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3633;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99722 | URL:http://www.securityfocus.com/bid/99722 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3634;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99729 | URL:http://www.securityfocus.com/bid/99729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3634;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99729 | URL:http://www.securityfocus.com/bid/99729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.56;5;5;56;CVE-2017-3636;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99736 | URL:http://www.securityfocus.com/bid/99736 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3636;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99736 | URL:http://www.securityfocus.com/bid/99736 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3637;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99748 | URL:http://www.securityfocus.com/bid/99748 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3638;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99778 | URL:http://www.securityfocus.com/bid/99778 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3639;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99753 | URL:http://www.securityfocus.com/bid/99753 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99765 | URL:http://www.securityfocus.com/bid/99765 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.56;5;5;56;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99767 | URL:http://www.securityfocus.com/bid/99767 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99767 | URL:http://www.securityfocus.com/bid/99767 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99767 | URL:http://www.securityfocus.com/bid/99767 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3642;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99779 | URL:http://www.securityfocus.com/bid/99779 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3643;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99772 | URL:http://www.securityfocus.com/bid/99772 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3644;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99775 | URL:http://www.securityfocus.com/bid/99775 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99783 | URL:http://www.securityfocus.com/bid/99783 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.16;5;7;16;CVE-2017-3646;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99786 | URL:http://www.securityfocus.com/bid/99786 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99796 | URL:http://www.securityfocus.com/bid/99796 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99796 | URL:http://www.securityfocus.com/bid/99796 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.56;5;5;56;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99789 | URL:http://www.securityfocus.com/bid/99789 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99789 | URL:http://www.securityfocus.com/bid/99789 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99789 | URL:http://www.securityfocus.com/bid/99789 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3649;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99799 | URL:http://www.securityfocus.com/bid/99799 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3649;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99799 | URL:http://www.securityfocus.com/bid/99799 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3650;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99808 | URL:http://www.securityfocus.com/bid/99808 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.56;5;5;56;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99802 | URL:http://www.securityfocus.com/bid/99802 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99802 | URL:http://www.securityfocus.com/bid/99802 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99802 | URL:http://www.securityfocus.com/bid/99802 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.56;5;5;56;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99805 | URL:http://www.securityfocus.com/bid/99805 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99805 | URL:http://www.securityfocus.com/bid/99805 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99805 | URL:http://www.securityfocus.com/bid/99805 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.56;5;5;56;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99810 | URL:http://www.securityfocus.com/bid/99810 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.6.36;5;6;36;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99810 | URL:http://www.securityfocus.com/bid/99810 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.7.18;5;7;18;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | BID:99810 | URL:http://www.securityfocus.com/bid/99810 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
-5.5.58;5;5;58;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102713 | URL:http://www.securityfocus.com/bid/102713 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102713 | URL:http://www.securityfocus.com/bid/102713 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102713 | URL:http://www.securityfocus.com/bid/102713 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2565;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102712 | URL:http://www.securityfocus.com/bid/102712 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2573;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102710 | URL:http://www.securityfocus.com/bid/102710 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2573;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102710 | URL:http://www.securityfocus.com/bid/102710 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2576;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102695 | URL:http://www.securityfocus.com/bid/102695 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2583;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102708 | URL:http://www.securityfocus.com/bid/102708 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2583;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102708 | URL:http://www.securityfocus.com/bid/102708 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2586;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102700 | URL:http://www.securityfocus.com/bid/102700 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2590;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102697 | URL:http://www.securityfocus.com/bid/102697 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2590;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102697 | URL:http://www.securityfocus.com/bid/102697 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2591;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | BID:102714 | URL:http://www.securityfocus.com/bid/102714 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.19;5;7;19;CVE-2018-2591;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | BID:102714 | URL:http://www.securityfocus.com/bid/102714 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102696 | URL:http://www.securityfocus.com/bid/102696 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2612;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102709 | URL:http://www.securityfocus.com/bid/102709 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2612;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102709 | URL:http://www.securityfocus.com/bid/102709 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.58;5;5;58;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102706 | URL:http://www.securityfocus.com/bid/102706 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102706 | URL:http://www.securityfocus.com/bid/102706 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102706 | URL:http://www.securityfocus.com/bid/102706 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.58;5;5;58;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102678 | URL:http://www.securityfocus.com/bid/102678 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102678 | URL:http://www.securityfocus.com/bid/102678 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102678 | URL:http://www.securityfocus.com/bid/102678 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102698 | URL:http://www.securityfocus.com/bid/102698 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102698 | URL:http://www.securityfocus.com/bid/102698 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2646;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102703 | URL:http://www.securityfocus.com/bid/102703 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102711 | URL:http://www.securityfocus.com/bid/102711 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102711 | URL:http://www.securityfocus.com/bid/102711 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.58;5;5;58;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102681 | URL:http://www.securityfocus.com/bid/102681 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102681 | URL:http://www.securityfocus.com/bid/102681 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102681 | URL:http://www.securityfocus.com/bid/102681 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2667;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102685 | URL:http://www.securityfocus.com/bid/102685 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.58;5;5;58;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102682 | URL:http://www.securityfocus.com/bid/102682 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102682 | URL:http://www.securityfocus.com/bid/102682 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102682 | URL:http://www.securityfocus.com/bid/102682 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2696;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102701 | URL:http://www.securityfocus.com/bid/102701 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2696;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102701 | URL:http://www.securityfocus.com/bid/102701 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.38;5;6;38;CVE-2018-2703;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102704 | URL:http://www.securityfocus.com/bid/102704 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.20;5;7;20;CVE-2018-2703;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102704 | URL:http://www.securityfocus.com/bid/102704 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103807 | URL:http://www.securityfocus.com/bid/103807 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103807 | URL:http://www.securityfocus.com/bid/103807 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103807 | URL:http://www.securityfocus.com/bid/103807 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103802 | URL:http://www.securityfocus.com/bid/103802 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103802 | URL:http://www.securityfocus.com/bid/103802 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2759;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103780 | URL:http://www.securityfocus.com/bid/103780 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103820 | URL:http://www.securityfocus.com/bid/103820 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103820 | URL:http://www.securityfocus.com/bid/103820 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103820 | URL:http://www.securityfocus.com/bid/103820 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2762;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103794 | URL:http://www.securityfocus.com/bid/103794 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2766;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103805 | URL:http://www.securityfocus.com/bid/103805 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2766;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103805 | URL:http://www.securityfocus.com/bid/103805 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.60;5;5;60;CVE-2018-2767;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:103954 | URL:http://www.securityfocus.com/bid/103954 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.40;5;6;40;CVE-2018-2767;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:103954 | URL:http://www.securityfocus.com/bid/103954 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-2767;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:103954 | URL:http://www.securityfocus.com/bid/103954 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2769;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103876 | URL:http://www.securityfocus.com/bid/103876 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103828 | URL:http://www.securityfocus.com/bid/103828 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103828 | URL:http://www.securityfocus.com/bid/103828 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103828 | URL:http://www.securityfocus.com/bid/103828 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103811 | URL:http://www.securityfocus.com/bid/103811 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103811 | URL:http://www.securityfocus.com/bid/103811 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103811 | URL:http://www.securityfocus.com/bid/103811 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2775;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103777 | URL:http://www.securityfocus.com/bid/103777 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2776;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103791 | URL:http://www.securityfocus.com/bid/103791 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2777;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103781 | URL:http://www.securityfocus.com/bid/103781 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2778;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103785 | URL:http://www.securityfocus.com/bid/103785 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2779;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103787 | URL:http://www.securityfocus.com/bid/103787 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2780;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103778 | URL:http://www.securityfocus.com/bid/103778 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103825 | URL:http://www.securityfocus.com/bid/103825 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103825 | URL:http://www.securityfocus.com/bid/103825 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103825 | URL:http://www.securityfocus.com/bid/103825 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2782;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103799 | URL:http://www.securityfocus.com/bid/103799 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2782;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103799 | URL:http://www.securityfocus.com/bid/103799 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2784;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103801 | URL:http://www.securityfocus.com/bid/103801 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2784;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103801 | URL:http://www.securityfocus.com/bid/103801 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2786;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103779 | URL:http://www.securityfocus.com/bid/103779 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2787;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103804 | URL:http://www.securityfocus.com/bid/103804 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2787;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103804 | URL:http://www.securityfocus.com/bid/103804 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2805;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). Supported versions that are affected are 5.6.39 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | BID:103831 | URL:http://www.securityfocus.com/bid/103831 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2810;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103783 | URL:http://www.securityfocus.com/bid/103783 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2812;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103836 | URL:http://www.securityfocus.com/bid/103836 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103830 | URL:http://www.securityfocus.com/bid/103830 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103830 | URL:http://www.securityfocus.com/bid/103830 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103830 | URL:http://www.securityfocus.com/bid/103830 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2816;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103789 | URL:http://www.securityfocus.com/bid/103789 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103818 | URL:http://www.securityfocus.com/bid/103818 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103818 | URL:http://www.securityfocus.com/bid/103818 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103818 | URL:http://www.securityfocus.com/bid/103818 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103824 | URL:http://www.securityfocus.com/bid/103824 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103824 | URL:http://www.securityfocus.com/bid/103824 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103824 | URL:http://www.securityfocus.com/bid/103824 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.59;5;5;59;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103814 | URL:http://www.securityfocus.com/bid/103814 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.39;5;6;39;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103814 | URL:http://www.securityfocus.com/bid/103814 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103814 | URL:http://www.securityfocus.com/bid/103814 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2839;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103845 | URL:http://www.securityfocus.com/bid/103845 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.21;5;7;21;CVE-2018-2846;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/ | BID:103790 | URL:http://www.securityfocus.com/bid/103790 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3054;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3054;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3056;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3056;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.60;5;5;60;CVE-2018-3058;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.40;5;6;40;CVE-2018-3058;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3058;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3060;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3060;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3061;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104785 | URL:http://www.securityfocus.com/bid/104785 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.40;5;6;40;CVE-2018-3062;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104776 | URL:http://www.securityfocus.com/bid/104776 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3062;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104776 | URL:http://www.securityfocus.com/bid/104776 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3062;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104776 | URL:http://www.securityfocus.com/bid/104776 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.60;5;5;60;CVE-2018-3063;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104786 | URL:http://www.securityfocus.com/bid/104786 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.40;5;6;40;CVE-2018-3064;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104776 | URL:http://www.securityfocus.com/bid/104776 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3064;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104776 | URL:http://www.securityfocus.com/bid/104776 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3064;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104776 | URL:http://www.securityfocus.com/bid/104776 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3065;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3065;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.60;5;5;60;CVE-2018-3066;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.40;5;6;40;CVE-2018-3066;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3066;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).";"MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3067;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.5.60;5;5;60;CVE-2018-3070;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.6.40;5;6;40;CVE-2018-3070;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3070;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/ | BID:104766 | URL:http://www.securityfocus.com/bid/104766 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3071;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104784 | URL:http://www.securityfocus.com/bid/104784 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3073;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3074;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3075;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-5.7.22;5;7;22;CVE-2018-3077;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3077;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | BID:104769 | URL:http://www.securityfocus.com/bid/104769 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3078;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3079;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3080;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3082;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104772 | URL:http://www.securityfocus.com/bid/104772 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-8.0.11;8;0;11;CVE-2018-3084;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Core / Client). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 2.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | BID:104788 | URL:http://www.securityfocus.com/bid/104788 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";
-0.37.12;0;37;12;CVE-2018-6617;Candidate;"Easy Hosting Control Panel (EHCP) v0.37.12.b; when using a local MySQL server; allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password.";"MISC:http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-UNVERIFIED-PASSWORD-CHANGE.txt | MISC:http://packetstormsecurity.com/files/147558/Easy-Hosting-Control-Panel-0.37.12.b-Unverified-Password-Change.html";Assigned (20180204);"None (candidate not yet proposed)";
+4.0.20;4;0;20;CVE-2004-0457;Candidate;"The mysqlhotcopy script in mysql 4.0.20 and earlier; when using the scp method from the mysql-server package; allows local users to overwrite arbitrary files via a symlink attack on temporary files.";"CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | CONFIRM:http://packages.debian.org/changelogs/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.20-11/changelog | DEBIAN:DSA-540 | URL:http://www.debian.org/security/2004/dsa-540 | OVAL:oval:org.mitre.oval:def:10693 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10693 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | XF:mysql-mysqlhotcopy-insecure-file(17030) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17030";Assigned (20040506);"None (candidate not yet proposed)";""
+4.0.20;4;0;20;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"BID:10981 | URL:http://www.securityfocus.com/bid/10981 | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | XF:mysql-realconnect-bo(17047) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17047";Assigned (20040908);"None (candidate not yet proposed)";""
+3.23.48;3;23;48;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"BID:10981 | URL:http://www.securityfocus.com/bid/10981 | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | XF:mysql-realconnect-bo(17047) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17047";Assigned (20040908);"None (candidate not yet proposed)";""
+4.1.9;4;1;9;CVE-2005-0799;Candidate;"MySQL 4.1.9; and possibly earlier versions; allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.";"BUGTRAQ:20050315 Denial of Service Vulnerability in MySQL Server for Windows | URL:http://marc.info/?l=bugtraq&m=111091250923281&w=2 | CONFIRM:http://bugs.mysql.com/bug.php?id=9148 | SECUNIA:14564 | URL:http://secunia.com/advisories/14564";Assigned (20050320);"None (candidate not yet proposed)";""
+4.1.20;4;1;20;CVE-2006-3469;Candidate;"Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function; which is later used in a formatted print call to display the error message.";"APPLE:APPLE-SA-2007-03-13 | URL:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | BID:19032 | URL:http://www.securityfocus.com/bid/19032 | CERT:TA07-072A | URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html | CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 | DEBIAN:DSA-1112 | URL:http://www.debian.org/security/2006/dsa-1112 | GENTOO:GLSA-200608-09 | URL:http://security.gentoo.org/glsa/glsa-200608-09.xml | MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 | MISC:http://bugs.mysql.com/bug.php?id=20729 | OVAL:oval:org.mitre.oval:def:9827 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9827 | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | SECUNIA:21147 | URL:http://secunia.com/advisories/21147 | SECUNIA:21366 | URL:http://secunia.com/advisories/21366 | SECUNIA:24479 | URL:http://secunia.com/advisories/24479 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | UBUNTU:USN-321-1 | URL:http://www.ubuntu.com/usn/usn-321-1 | VUPEN:ADV-2007-0930 | URL:http://www.vupen.com/english/advisories/2007/0930";Assigned (20060710);"None (candidate not yet proposed)";""
+4.1.22;4;1;22;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | MISC:http://bugs.mysql.com/bug.php?id=27515 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:https://usn.ubuntu.com/528-1/ | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";""
+5.0.41;5;0;41;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | MISC:http://bugs.mysql.com/bug.php?id=27515 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:https://usn.ubuntu.com/528-1/ | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";""
+5.1.17;5;1;17;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | MISC:http://bugs.mysql.com/bug.php?id=27515 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:https://usn.ubuntu.com/528-1/ | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";""
+5.0.44;5;0;44;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | MISC:http://bugs.mysql.com/bug.php?id=27515 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:https://usn.ubuntu.com/528-1/ | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";""
+5.0.39;5;0;39;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BID:24011 | URL:http://www.securityfocus.com/bid/24011 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | MISC:http://bugs.mysql.com/bug.php?id=27337 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";""
+5.1.17;5;1;17;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BID:24011 | URL:http://www.securityfocus.com/bid/24011 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | MISC:http://bugs.mysql.com/bug.php?id=27337 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";""
+5.0.44;5;0;44;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BID:24011 | URL:http://www.securityfocus.com/bid/24011 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | MISC:http://bugs.mysql.com/bug.php?id=27337 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";""
+5.0.44;5;0;44;CVE-2007-3780;Candidate;"MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.";"BID:25017 | URL:http://www.securityfocus.com/bid/25017 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | MISC:http://bugs.mysql.com/bug.php?id=28984 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:36732 | URL:http://osvdb.org/36732 | OVAL:oval:org.mitre.oval:def:11058 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11058 | REDHAT:RHSA-2007:0875 | URL:http://www.redhat.com/support/errata/RHSA-2007-0875.html | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | SECTRACK:1018629 | URL:http://www.securitytracker.com/id?1018629 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:26621 | URL:http://secunia.com/advisories/26621 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:https://usn.ubuntu.com/528-1/ | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references";Assigned (20070715);"None (candidate not yet proposed)";""
+5.0.44;5;0;44;CVE-2007-3781;Candidate;"MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement; which allows remote authenticated users to obtain sensitive information such as the table structure.";"BID:25017 | URL:http://www.securityfocus.com/bid/25017 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | MISC:http://bugs.mysql.com/bug.php?id=25578 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OSVDB:37783 | URL:http://osvdb.org/37783 | OVAL:oval:org.mitre.oval:def:9195 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9195 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/";Assigned (20070715);"None (candidate not yet proposed)";""
+5.0.44;5;0;44;CVE-2007-3782;Candidate;"MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.";"BID:25017 | URL:http://www.securityfocus.com/bid/25017 | BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/473874/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=27878 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | OVAL:oval:org.mitre.oval:def:10563 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10563 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SECTRACK:1018663 | URL:http://securitytracker.com/id?1018663 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:https://usn.ubuntu.com/528-1/";Assigned (20070715);"None (candidate not yet proposed)";""
+5.0.50;5;0;50;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/486477/100/0/threaded | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/ | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780";Assigned (20071114);"None (candidate not yet proposed)";""
+5.0.51;5;0;51;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/486477/100/0/threaded | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/ | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780";Assigned (20071114);"None (candidate not yet proposed)";""
+5.1.22;5;1;22;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/486477/100/0/threaded | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/ | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780";Assigned (20071114);"None (candidate not yet proposed)";""
+6.0.3;6;0;3;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/486477/100/0/threaded | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:http://support.apple.com/kb/HT3216 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/ | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780";Assigned (20071114);"None (candidate not yet proposed)";""
+5.0.50;5;0;50;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BID:26832 | URL:http://www.securityfocus.com/bid/26832 | BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";""
+5.1.22;5;1;22;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BID:26832 | URL:http://www.securityfocus.com/bid/26832 | BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";""
+6.0.3;6;0;3;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BID:26832 | URL:http://www.securityfocus.com/bid/26832 | BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";""
+5.0.50;5;0;50;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BID:26832 | URL:http://www.securityfocus.com/bid/26832 | BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | OSVDB:42609 | URL:http://osvdb.org/42609 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/ | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";""
+5.1.22;5;1;22;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BID:26832 | URL:http://www.securityfocus.com/bid/26832 | BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | OSVDB:42609 | URL:http://osvdb.org/42609 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/ | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";""
+6.0.3;6;0;3;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BID:26832 | URL:http://www.securityfocus.com/bid/26832 | BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | OSVDB:42609 | URL:http://osvdb.org/42609 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:https://usn.ubuntu.com/559-1/ | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";""
+5.1.22;5;1;22;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | OSVDB:43179 | URL:http://osvdb.org/43179 | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references";Assigned (20071211);"None (candidate not yet proposed)";""
+6.0.3;6;0;3;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | OSVDB:43179 | URL:http://osvdb.org/43179 | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references";Assigned (20071211);"None (candidate not yet proposed)";""
+5.0.65;5;0;65;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";""
+5.1.25;5;1;25;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";""
+6.0.5;6;0;5;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";""
+5.0.87;5;0;87;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | OVAL:oval:org.mitre.oval:def:10940 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510 | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";""
+5.1.40;5;1;40;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | OVAL:oval:org.mitre.oval:def:10940 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510 | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";""
+1.9.8;1;9;8;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_demo.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://intevydis.com/vd-list.shtml | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";""
+5.0.89;5;0;89;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_demo.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://intevydis.com/vd-list.shtml | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";""
+5.1.42;5;1;42;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_demo.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://intevydis.com/vd-list.shtml | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";""
+5.5.-1;5;5;-1;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_demo.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://intevydis.com/vd-list.shtml | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";""
+5.0.50;5;0;50;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_demo.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://intevydis.com/vd-list.shtml | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";""
+37.1.0;37;1;0;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_demo.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://intevydis.com/vd-list.shtml | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";""
+5.0.92;5;0;92;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html";Assigned (20101209);"None (candidate not yet proposed)";""
+5.1.49;5;1;49;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html";Assigned (20101209);"None (candidate not yet proposed)";""
+5.1.47;5;1;47;CVE-2010-2008;Candidate;"MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot); .. (dot dot); ../ (dot dot slash) or similar sequence; and an UPGRADE DATA DIRECTORY NAME command; which causes MySQL to move certain directories to the server data directory.";"BID:41198 | URL:http://www.securityfocus.com/bid/41198 | CONFIRM:http://bugs.mysql.com/bug.php?id=53804 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html | FEDORA:FEDORA-2010-11135 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html | MANDRIVA:MDVSA-2010:155 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 | OVAL:oval:org.mitre.oval:def:11869 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869 | SECTRACK:1024160 | URL:http://www.securitytracker.com/id?1024160 | SECUNIA:40333 | URL:http://secunia.com/advisories/40333 | SECUNIA:40762 | URL:http://secunia.com/advisories/40762 | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2010-1918 | URL:http://www.vupen.com/english/advisories/2010/1918";Assigned (20100521);"None (candidate not yet proposed)";""
+5.0.91;5;0;91;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55826 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";""
+5.1.50;5;1;50;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55826 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";""
+5.5.5;5;5;5;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55826 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";""
+5.0.91;5;0;91;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55568 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";""
+5.1.50;5;1;50;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55568 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";""
+5.5.5;5;5;5;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55568 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";""
+5.1.50;5;1;50;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55564 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64843";Assigned (20101007);"None (candidate not yet proposed)";""
+5.5.5;5;5;5;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=55564 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64843";Assigned (20101007);"None (candidate not yet proposed)";""
+5.0.91;5;0;91;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";""
+5.1.50;5;1;50;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";""
+5.5.5;5;5;5;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";""
+5.0.91;5;0;91;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";""
+5.1.50;5;1;50;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";""
+5.5.5;5;5;5;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";""
+5.0.91;5;0;91;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=54461 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";""
+5.1.50;5;1;50;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=54461 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";""
+5.5.5;5;5;5;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:http://support.apple.com/kb/HT4723 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://bugs.mysql.com/bug.php?id=54461 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";""
+5.1.50;5;1;50;CVE-2010-3840;Candidate;"The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.";"BID:43676 | URL:http://www.securityfocus.com/bid/43676 | CONFIRM:http://bugs.mysql.com/bug.php?id=51875 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640865 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | MISC:http://lists.mysql.com/commits/117094 | REDHAT:RHSA-2010:0824 | URL:http://www.redhat.com/support/errata/RHSA-2010-0824.html | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-gislinestringinitfromwkb-dos(64838) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64838";Assigned (20101007);"None (candidate not yet proposed)";""
+0.9.3;0;9;3;CVE-2011-0432;Candidate;"Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.";"BID:46655 | URL:http://www.securityfocus.com/bid/46655 | CONFIRM:http://code.google.com/p/pywebdav/updates/list | CONFIRM:http://pywebdav.googlecode.com/files/PyWebDAV-0.9.4.1.tar.gz | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=677718 | DEBIAN:DSA-2177 | URL:http://www.debian.org/security/2011/dsa-2177 | FEDORA:FEDORA-2011-2427 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055444.html | FEDORA:FEDORA-2011-2460 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055412.html | FEDORA:FEDORA-2011-2470 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055413.html | SECUNIA:43571 | URL:http://secunia.com/advisories/43571 | SECUNIA:43602 | URL:http://secunia.com/advisories/43602 | SECUNIA:43703 | URL:http://secunia.com/advisories/43703 | VUPEN:ADV-2011-0553 | URL:http://www.vupen.com/english/advisories/2011/0553 | VUPEN:ADV-2011-0554 | URL:http://www.vupen.com/english/advisories/2011/0554 | VUPEN:ADV-2011-0634 | URL:http://www.vupen.com/english/advisories/2011/0634";Assigned (20110112);"None (candidate not yet proposed)";""
+5.1.62;5;1;62;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"BID:54551 | URL:http://www.securityfocus.com/bid/54551 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83976 | URL:http://osvdb.org/83976 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77061";Assigned (20120111);"None (candidate not yet proposed)";""
+5.5.23;5;5;23;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"BID:54551 | URL:http://www.securityfocus.com/bid/54551 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83976 | URL:http://osvdb.org/83976 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77061";Assigned (20120111);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16792 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16792 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120111);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16792 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16792 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120111);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17266 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120111);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17266 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120111);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2012-0578;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16947 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16947 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120111);"None (candidate not yet proposed)";""
+5.1.60;5;1;60;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"BID:53061 | URL:http://www.securityfocus.com/bid/53061 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";""
+5.5.19;5;5;19;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"BID:53061 | URL:http://www.securityfocus.com/bid/53061 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";""
+5.1.61;5;1;61;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"BID:53067 | URL:http://www.securityfocus.com/bid/53067 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.21;5;5;21;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"BID:53067 | URL:http://www.securityfocus.com/bid/53067 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.1.62;5;1;62;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"BID:54547 | URL:http://www.securityfocus.com/bid/54547 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83980 | URL:http://osvdb.org/83980 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77065";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.22;5;5;22;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"BID:54547 | URL:http://www.securityfocus.com/bid/54547 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83980 | URL:http://osvdb.org/83980 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77065";Assigned (20120316);"None (candidate not yet proposed)";""
+5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"BID:53074 | URL:http://www.securityfocus.com/bid/53074 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"BID:53074 | URL:http://www.securityfocus.com/bid/53074 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.19;5;5;19;CVE-2012-1696;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"BID:53071 | URL:http://www.securityfocus.com/bid/53071 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.21;5;5;21;CVE-2012-1697;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"BID:53064 | URL:http://www.securityfocus.com/bid/53064 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17186 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17186 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17186 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17186 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120316);"None (candidate not yet proposed)";""
+5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"BID:53058 | URL:http://www.securityfocus.com/bid/53058 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"BID:53058 | URL:http://www.securityfocus.com/bid/53058 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17268 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17268 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17268 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17268 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120316);"None (candidate not yet proposed)";""
+5.1.62;5;1;62;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"BID:54540 | URL:http://www.securityfocus.com/bid/54540 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83979 | URL:http://osvdb.org/83979 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77064";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.23;5;5;23;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"BID:54540 | URL:http://www.securityfocus.com/bid/54540 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83979 | URL:http://osvdb.org/83979 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77064";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.23;5;5;23;CVE-2012-1735;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"BID:54549 | URL:http://www.securityfocus.com/bid/54549 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83975 | URL:http://osvdb.org/83975 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-serveroptimizer-dos(77060) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77060";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.23;5;5;23;CVE-2012-1756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"BID:54524 | URL:http://www.securityfocus.com/bid/54524 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83978 | URL:http://osvdb.org/83978 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-server1-dos(77063) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77063";Assigned (20120316);"None (candidate not yet proposed)";""
+5.5.23;5;5;23;CVE-2012-1757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"BID:54526 | URL:http://www.securityfocus.com/bid/54526 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OSVDB:83977 | URL:http://osvdb.org/83977 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-innodb1-dos(77062) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77062";Assigned (20120316);"None (candidate not yet proposed)";""
+5.1.61;5;1;61;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"BID:52931 | URL:http://www.securityfocus.com/bid/52931 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";""
+5.5.21;5;5;21;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"BID:52931 | URL:http://www.securityfocus.com/bid/52931 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";""
+97.15.14;97;15;14;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"BID:52931 | URL:http://www.securityfocus.com/bid/52931 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2012-3144;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-server-cve20123144-dos(79387) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79387";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2012-3147;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-client-cve20123147(79384) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79384";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2012-3149;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-client-info-disc(79390) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79390";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.64;5;1;64;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-opt-dos(79388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79388";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-opt-dos(79388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79388";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.25;5;5;25;CVE-2012-3156;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.64;5;1;64;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-protocol-cve20123158(79382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79382";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-protocol-cve20123158(79382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79382";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.65;5;1;65;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79394";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.27;5;5;27;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79394";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.64;5;1;64;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79381";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79381";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.63;5;1;63;CVE-2012-3166;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.25;5;5;25;CVE-2012-3166;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.63;5;1;63;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79392";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.25;5;5;25;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79392";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.63;5;1;63;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-innodbplugin-dos(79386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79386";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.25;5;5;25;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-innodbplugin-dos(79386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79386";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.65;5;1;65;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-server-dos(79383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79383";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.27;5;5;27;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-server-dos(79383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79383";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.65;5;1;65;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-optimize-dos(79389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79389";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.27;5;5;27;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-optimize-dos(79389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79389";Assigned (20120606);"None (candidate not yet proposed)";""
+5.1.64;5;1;64;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-serverreplication-dos(79393) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79393";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | XF:mysqlserver-serverreplication-dos(79393) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79393";Assigned (20120606);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"BID:55498 | URL:http://www.securityfocus.com/bid/55498 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html";Assigned (20120821);"None (candidate not yet proposed)";""
+5.1.61;5;1;61;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"BID:55498 | URL:http://www.securityfocus.com/bid/55498 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html";Assigned (20120821);"None (candidate not yet proposed)";""
+5.2.11;5;2;11;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"BID:55498 | URL:http://www.securityfocus.com/bid/55498 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html";Assigned (20120821);"None (candidate not yet proposed)";""
+5.3.6;5;3;6;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"BID:55498 | URL:http://www.securityfocus.com/bid/55498 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html";Assigned (20120821);"None (candidate not yet proposed)";""
+5.5.24;5;5;24;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"BID:55498 | URL:http://www.securityfocus.com/bid/55498 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html";Assigned (20120821);"None (candidate not yet proposed)";""
+5.1.65;5;1;65;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120921);"None (candidate not yet proposed)";""
+5.5.27;5;5;27;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120921);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2012-5096;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16877 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16877 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20120922);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0367;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17077 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17077 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0368;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17255 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17255 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0371;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16451 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16451 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17175 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17175 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.1.28;5;1;28;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:17175 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17175 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16758 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16758 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16758 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16758 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16632 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16632 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16267 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16267 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16267 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16267 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0386;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16835 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16835 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16825 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16825 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | OVAL:oval:org.mitre.oval:def:16825 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16825 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1";Assigned (20121207);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.6.9;5;6;9;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.1.67;5;1;67;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.5.29;5;5;29;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.1.67;5;1;67;CVE-2013-1521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.5.29;5;5;29;CVE-2013-1521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.5.29;5;5;29;CVE-2013-1523;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-1523;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.5.29;5;5;29;CVE-2013-1526;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.1.66;5;1;66;CVE-2013-1531;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.5.28;5;5;28;CVE-2013-1531;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.1.63;5;1;63;CVE-2013-1548;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.1.67;5;1;67;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.5.29;5;5;29;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";""
+5.5.29;5;5;29;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"BID:58511 | URL:http://www.securityfocus.com/bid/58511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";""
+5.3.12;5;3;12;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"BID:58511 | URL:http://www.securityfocus.com/bid/58511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";""
+5.2.14;5;2;14;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"BID:58511 | URL:http://www.securityfocus.com/bid/58511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";""
+5.1.67;5;1;67;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"BID:58511 | URL:http://www.securityfocus.com/bid/58511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";""
+5.1.68;5;1;68;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"BID:58511 | URL:http://www.securityfocus.com/bid/58511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"BID:58511 | URL:http://www.securityfocus.com/bid/58511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"BID:58511 | URL:http://www.securityfocus.com/bid/58511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-2381;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";""
+5.1.68;5;1;68;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";""
+5.1.68;5;1;68;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";""
+5.5.31;5;5;31;CVE-2013-3783;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.";"BID:61210 | URL:http://www.securityfocus.com/bid/61210 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | OSVDB:95332 | URL:http://osvdb.org/95332 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133783(85719) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85719";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"BID:61264 | URL:http://www.securityfocus.com/bid/61264 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85710";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"BID:61264 | URL:http://www.securityfocus.com/bid/61264 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85710";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"BID:61222 | URL:http://www.securityfocus.com/bid/61222 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95333 | URL:http://osvdb.org/95333 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"BID:61222 | URL:http://www.securityfocus.com/bid/61222 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95333 | URL:http://osvdb.org/95333 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3795;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"BID:61241 | URL:http://www.securityfocus.com/bid/61241 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95324 | URL:http://osvdb.org/95324 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3796;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"BID:61233 | URL:http://www.securityfocus.com/bid/61233 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95329 | URL:http://osvdb.org/95329 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3798;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.";"BID:61274 | URL:http://www.securityfocus.com/bid/61274 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95321 | URL:http://osvdb.org/95321 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"BID:61269 | URL:http://www.securityfocus.com/bid/61269 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95331 | URL:http://osvdb.org/95331 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"BID:61269 | URL:http://www.securityfocus.com/bid/61269 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95331 | URL:http://osvdb.org/95331 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.1.69;5;1;69;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"BID:61244 | URL:http://www.securityfocus.com/bid/61244 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.31;5;5;31;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"BID:61244 | URL:http://www.securityfocus.com/bid/61244 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"BID:61244 | URL:http://www.securityfocus.com/bid/61244 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";""
+5.1.69;5;1;69;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.31;5;5;31;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95327 | URL:http://osvdb.org/95327 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95327 | URL:http://osvdb.org/95327 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3806;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3811.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95326 | URL:http://osvdb.org/95326 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | XF:oracle-cpujuly2013-cve20133806(85713) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85713";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3807;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95334 | URL:http://osvdb.org/95334 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | XF:oracle-cpujuly2013-cve20133807(85721) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85721";Assigned (20130603);"None (candidate not yet proposed)";""
+5.1.68;5;1;68;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.30;5;5;30;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85709";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85709";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3810;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95337 | URL:http://osvdb.org/95337 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | XF:oracle-cpujuly2013-cve20133810(85724) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85724";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3811;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3806.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | OSVDB:95335 | URL:http://osvdb.org/95335 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | XF:oracle-cpujuly2013-cve20133811(85722) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85722";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85723";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85723";Assigned (20130603);"None (candidate not yet proposed)";""
+5.1.70;5;1;70;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:63109 | URL:http://www.securityfocus.com/bid/63109 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291 | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1";Assigned (20130603);"None (candidate not yet proposed)";""
+5.5.32;5;5;32;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:63109 | URL:http://www.securityfocus.com/bid/63109 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291 | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:63109 | URL:http://www.securityfocus.com/bid/63109 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291 | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1";Assigned (20130603);"None (candidate not yet proposed)";""
+5.6.12;5;6;12;CVE-2013-5767;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:63113 | URL:http://www.securityfocus.com/bid/63113 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.11;5;6;11;CVE-2013-5770;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"BID:63119 | URL:http://www.securityfocus.com/bid/63119 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5793.";"BID:63107 | URL:http://www.securityfocus.com/bid/63107 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5786.";"BID:63116 | URL:http://www.securityfocus.com/bid/63116 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";""
+5.5.32;5;5;32;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"BID:63105 | URL:http://www.securityfocus.com/bid/63105 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.12;5;6;12;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"BID:63105 | URL:http://www.securityfocus.com/bid/63105 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90373";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2013-5881;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2014-0431.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64885 | URL:http://www.securityfocus.com/bid/64885 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102066 | URL:http://osvdb.org/102066 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135881(90377) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90377";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2013-5882;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64854 | URL:http://www.securityfocus.com/bid/64854 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135882(90374) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90374";Assigned (20130918);"None (candidate not yet proposed)";""
+5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102070 | URL:http://osvdb.org/102070 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102070 | URL:http://osvdb.org/102070 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2013-5894;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64873 | URL:http://www.securityfocus.com/bid/64873 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102065 | URL:http://osvdb.org/102065 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135894(90376) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90376";Assigned (20130918);"None (candidate not yet proposed)";""
+5.1.72;5;1;72;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102078 | URL:http://osvdb.org/102078 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";""
+5.5.34;5;5;34;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102078 | URL:http://osvdb.org/102078 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102078 | URL:http://osvdb.org/102078 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";""
+5.5.34;5;5;34;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"BID:65298 | URL:http://www.securityfocus.com/bid/65298 | CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECTRACK:1029708 | URL:http://www.securitytracker.com/id/1029708 | SECUNIA:52161 | URL:http://secunia.com/advisories/52161 | XF:mysql-cve20140001-bo(90901) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90901";Assigned (20131203);"None (candidate not yet proposed)";""
+02.565.63;02;565;63;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"BID:65298 | URL:http://www.securityfocus.com/bid/65298 | CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECTRACK:1029708 | URL:http://www.securitytracker.com/id/1029708 | SECUNIA:52161 | URL:http://secunia.com/advisories/52161 | XF:mysql-cve20140001-bo(90901) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90901";Assigned (20131203);"None (candidate not yet proposed)";""
+5.5.35;5;5;35;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20131212);"None (candidate not yet proposed)";""
+5.1.71;5;1;71;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102069 | URL:http://osvdb.org/102069 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.33;5;5;33;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102069 | URL:http://osvdb.org/102069 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102069 | URL:http://osvdb.org/102069 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";""
+5.1.71;5;1;71;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102075 | URL:http://osvdb.org/102075 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.33;5;5;33;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102075 | URL:http://osvdb.org/102075 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102075 | URL:http://osvdb.org/102075 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";""
+5.1.72;5;1;72;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102071 | URL:http://osvdb.org/102071 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.34;5;5;34;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102071 | URL:http://osvdb.org/102071 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102071 | URL:http://osvdb.org/102071 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";""
+5.1.71;5;1;71;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102068 | URL:http://osvdb.org/102068 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.33;5;5;33;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102068 | URL:http://osvdb.org/102068 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102068 | URL:http://osvdb.org/102068 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";""
+5.1.72;5;1;72;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102067 | URL:http://osvdb.org/102067 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.34;5;5;34;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102067 | URL:http://osvdb.org/102067 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102067 | URL:http://osvdb.org/102067 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102077 | URL:http://osvdb.org/102077 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140420(90388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90388";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102077 | URL:http://osvdb.org/102077 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140420(90388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90388";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2014-0427;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64868 | URL:http://www.securityfocus.com/bid/64868 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102072 | URL:http://osvdb.org/102072 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140427(90383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90383";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2014-0430;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64893 | URL:http://www.securityfocus.com/bid/64893 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102076 | URL:http://osvdb.org/102076 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140430(90387) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90387";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2014-0431;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5881.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64897 | URL:http://www.securityfocus.com/bid/64897 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102073 | URL:http://osvdb.org/102073 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140431(90384) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90384";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.13;5;6;13;CVE-2014-0433;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64895 | URL:http://www.securityfocus.com/bid/64895 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140433(90375) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90375";Assigned (20131212);"None (candidate not yet proposed)";""
+5.1.72;5;1;72;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102074 | URL:http://osvdb.org/102074 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.34;5;5;34;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102074 | URL:http://osvdb.org/102074 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";""
+5.6.14;5;6;14;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | OSVDB:102074 | URL:http://osvdb.org/102074 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";""
+5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"BID:66880 | URL:http://www.securityfocus.com/bid/66880 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"BID:66880 | URL:http://www.securityfocus.com/bid/66880 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"BID:66858 | URL:http://www.securityfocus.com/bid/66858 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"BID:66858 | URL:http://www.securityfocus.com/bid/66858 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"BID:66890 | URL:http://www.securityfocus.com/bid/66890 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"BID:66890 | URL:http://www.securityfocus.com/bid/66890 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"BID:66875 | URL:http://www.securityfocus.com/bid/66875 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"BID:66875 | URL:http://www.securityfocus.com/bid/66875 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2434;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"BID:66872 | URL:http://www.securityfocus.com/bid/66872 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.16;5;6;16;CVE-2014-2435;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"BID:66853 | URL:http://www.securityfocus.com/bid/66853 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml";Assigned (20140313);"None (candidate not yet proposed)";""
+5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"BID:66896 | URL:http://www.securityfocus.com/bid/66896 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"BID:66896 | URL:http://www.securityfocus.com/bid/66896 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.5.35;5;5;35;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"BID:66846 | URL:http://www.securityfocus.com/bid/66846 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"BID:66846 | URL:http://www.securityfocus.com/bid/66846 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2442;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2444;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2450;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-2451;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.6.17;5;6;17;CVE-2014-2484;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRFTS.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140313);"None (candidate not yet proposed)";""
+5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BID:68593 | URL:http://www.securityfocus.com/bid/68593 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | XF:oracle-cpujul2014-cve20144207(94624) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94624";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.17;5;6;17;CVE-2014-4214;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.";"BID:68607 | URL:http://www.securityfocus.com/bid/68607 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | XF:oracle-cpujul2014-cve20144214(94627) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94627";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.17;5;6;17;CVE-2014-4233;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.";"BID:68598 | URL:http://www.securityfocus.com/bid/68598 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | XF:oracle-cpujul2014-cve20144233(94625) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94625";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.17;5;6;17;CVE-2014-4238;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BID:68587 | URL:http://www.securityfocus.com/bid/68587 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | XF:oracle-cpujul2014-cve20144238(94623) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94623";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.17;5;6;17;CVE-2014-4240;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.";"BID:68602 | URL:http://www.securityfocus.com/bid/68602 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | XF:oracle-cpujul2014-cve20144240(94626) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94626";Assigned (20140617);"None (candidate not yet proposed)";""
+5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BID:68611 | URL:http://www.securityfocus.com/bid/68611 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | XF:oracle-cpujul2014-cve20144243(94628) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94628";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BID:68611 | URL:http://www.securityfocus.com/bid/68611 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | XF:oracle-cpujul2014-cve20144243(94628) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94628";Assigned (20140617);"None (candidate not yet proposed)";""
+5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BID:68564 | URL:http://www.securityfocus.com/bid/68564 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | XF:oracle-cpujul2014-cve20144258(94620) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94620";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BID:68564 | URL:http://www.securityfocus.com/bid/68564 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | XF:oracle-cpujul2014-cve20144258(94620) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94620";Assigned (20140617);"None (candidate not yet proposed)";""
+5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BID:68573 | URL:http://www.securityfocus.com/bid/68573 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | XF:oracle-cpujul2014-cve20144260(94621) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94621";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BID:68573 | URL:http://www.securityfocus.com/bid/68573 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/534161/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | XF:oracle-cpujul2014-cve20144260(94621) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94621";Assigned (20140617);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"BID:69732 | URL:http://www.securityfocus.com/bid/69732 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"BID:69732 | URL:http://www.securityfocus.com/bid/69732 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140617);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"BID:70517 | URL:http://www.securityfocus.com/bid/70517 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140617);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"BID:70517 | URL:http://www.securityfocus.com/bid/70517 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140617);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"BID:70532 | URL:http://www.securityfocus.com/bid/70532 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"BID:70532 | URL:http://www.securityfocus.com/bid/70532 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"BID:70451 | URL:http://www.securityfocus.com/bid/70451 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"BID:70451 | URL:http://www.securityfocus.com/bid/70451 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"BID:70446 | URL:http://www.securityfocus.com/bid/70446 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"BID:70446 | URL:http://www.securityfocus.com/bid/70446 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"BID:70489 | URL:http://www.securityfocus.com/bid/70489 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"BID:70489 | URL:http://www.securityfocus.com/bid/70489 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"BID:70455 | URL:http://www.securityfocus.com/bid/70455 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"BID:70455 | URL:http://www.securityfocus.com/bid/70455 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"BID:70525 | URL:http://www.securityfocus.com/bid/70525 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"BID:70444 | URL:http://www.securityfocus.com/bid/70444 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"BID:70444 | URL:http://www.securityfocus.com/bid/70444 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"BID:70497 | URL:http://www.securityfocus.com/bid/70497 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"BID:70497 | URL:http://www.securityfocus.com/bid/70497 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"BID:70496 | URL:http://www.securityfocus.com/bid/70496 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"BID:70496 | URL:http://www.securityfocus.com/bid/70496 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"BID:70469 | URL:http://www.securityfocus.com/bid/70469 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"BID:70469 | URL:http://www.securityfocus.com/bid/70469 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"BID:70478 | URL:http://www.securityfocus.com/bid/70478 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"BID:70478 | URL:http://www.securityfocus.com/bid/70478 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"BID:70516 | URL:http://www.securityfocus.com/bid/70516 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"BID:70516 | URL:http://www.securityfocus.com/bid/70516 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"BID:70550 | URL:http://www.securityfocus.com/bid/70550 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"BID:70550 | URL:http://www.securityfocus.com/bid/70550 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"BID:70510 | URL:http://www.securityfocus.com/bid/70510 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"BID:70486 | URL:http://www.securityfocus.com/bid/70486 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"BID:70486 | URL:http://www.securityfocus.com/bid/70486 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"BID:70462 | URL:http://www.securityfocus.com/bid/70462 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"BID:70462 | URL:http://www.securityfocus.com/bid/70462 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"BID:70530 | URL:http://www.securityfocus.com/bid/70530 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"BID:70530 | URL:http://www.securityfocus.com/bid/70530 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"BID:70487 | URL:http://www.securityfocus.com/bid/70487 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"BID:70487 | URL:http://www.securityfocus.com/bid/70487 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"BID:70511 | URL:http://www.securityfocus.com/bid/70511 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"BID:72210 | URL:http://www.securityfocus.com/bid/72210 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1";Assigned (20140917);"None (candidate not yet proposed)";""
+5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"BID:72210 | URL:http://www.securityfocus.com/bid/72210 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1";Assigned (20140917);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"BID:72227 | URL:http://www.securityfocus.com/bid/72227 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150374(100191) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100191";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"BID:72227 | URL:http://www.securityfocus.com/bid/72227 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150374(100191) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100191";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"BID:72214 | URL:http://www.securityfocus.com/bid/72214 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150381(100185) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100185";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"BID:72214 | URL:http://www.securityfocus.com/bid/72214 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150381(100185) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100185";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"BID:72200 | URL:http://www.securityfocus.com/bid/72200 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150382(100184) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100184";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"BID:72200 | URL:http://www.securityfocus.com/bid/72200 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150382(100184) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100184";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"BID:72229 | URL:http://www.securityfocus.com/bid/72229 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100190";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BID:72205 | URL:http://www.securityfocus.com/bid/72205 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | XF:oracle-cpujan2015-cve20150391(100186) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100186";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BID:72205 | URL:http://www.securityfocus.com/bid/72205 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | XF:oracle-cpujan2015-cve20150391(100186) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100186";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"BID:72223 | URL:http://www.securityfocus.com/bid/72223 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100188";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"BID:72191 | URL:http://www.securityfocus.com/bid/72191 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150411(100183) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100183";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"BID:72191 | URL:http://www.securityfocus.com/bid/72191 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150411(100183) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100183";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"BID:72217 | URL:http://www.securityfocus.com/bid/72217 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | XF:oracle-cpujan2015-cve20150432(100187) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100187";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"BID:74085 | URL:http://www.securityfocus.com/bid/74085 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"BID:74081 | URL:http://www.securityfocus.com/bid/74081 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BID:74112 | URL:http://www.securityfocus.com/bid/74112 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BID:74112 | URL:http://www.securityfocus.com/bid/74112 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";""
+2.2.12;2;2;12;CVE-2015-1027;Candidate;"The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.";"CONFIRM:https://bugs.launchpad.net/percona-toolkit/+bug/1408375 | CONFIRM:https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/";Assigned (20150110);"None (candidate not yet proposed)";""
+2.2.8;2;2;8;CVE-2015-1027;Candidate;"The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.";"CONFIRM:https://bugs.launchpad.net/percona-toolkit/+bug/1408375 | CONFIRM:https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/";Assigned (20150110);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";""
+5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"BID:74073 | URL:http://www.securityfocus.com/bid/74073 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"BID:74073 | URL:http://www.securityfocus.com/bid/74073 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"BID:74095 | URL:http://www.securityfocus.com/bid/74095 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"BID:74095 | URL:http://www.securityfocus.com/bid/74095 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BID:74078 | URL:http://www.securityfocus.com/bid/74078 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"BID:74078 | URL:http://www.securityfocus.com/bid/74078 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"BID:75751 | URL:http://www.securityfocus.com/bid/75751 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"BID:75751 | URL:http://www.securityfocus.com/bid/75751 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"BID:75762 | URL:http://www.securityfocus.com/bid/75762 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"BID:75774 | URL:http://www.securityfocus.com/bid/75774 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"BID:75837 | URL:http://www.securityfocus.com/bid/75837 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"BID:75837 | URL:http://www.securityfocus.com/bid/75837 | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"BID:75760 | URL:http://www.securityfocus.com/bid/75760 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"BID:75815 | URL:http://www.securityfocus.com/bid/75815 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"BID:75830 | URL:http://www.securityfocus.com/bid/75830 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"BID:75830 | URL:http://www.securityfocus.com/bid/75830 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"BID:75822 | URL:http://www.securityfocus.com/bid/75822 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"BID:75822 | URL:http://www.securityfocus.com/bid/75822 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"BID:75813 | URL:http://www.securityfocus.com/bid/75813 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";""
+5.7.2;5;7;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BID:74398 | URL:http://www.securityfocus.com/bid/74398 | BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/535397/100/1100/threaded | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";""
+6.1.2;6;1;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BID:74398 | URL:http://www.securityfocus.com/bid/74398 | BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/535397/100/1100/threaded | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BID:74398 | URL:http://www.securityfocus.com/bid/74398 | BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/535397/100/1100/threaded | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"BID:75802 | URL:http://www.securityfocus.com/bid/75802 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"BID:75802 | URL:http://www.securityfocus.com/bid/75802 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"BID:75849 | URL:http://www.securityfocus.com/bid/75849 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"BID:75849 | URL:http://www.securityfocus.com/bid/75849 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"BID:75785 | URL:http://www.securityfocus.com/bid/75785 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"BID:75759 | URL:http://www.securityfocus.com/bid/75759 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"BID:75759 | URL:http://www.securityfocus.com/bid/75759 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"BID:75770 | URL:http://www.securityfocus.com/bid/75770 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"BID:77232 | URL:http://www.securityfocus.com/bid/77232 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"BID:75844 | URL:http://www.securityfocus.com/bid/75844 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"BID:75753 | URL:http://www.securityfocus.com/bid/75753 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"BID:75835 | URL:http://www.securityfocus.com/bid/75835 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"BID:75781 | URL:http://www.securityfocus.com/bid/75781 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911 | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"BID:77213 | URL:http://www.securityfocus.com/bid/77213 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"BID:77171 | URL:http://www.securityfocus.com/bid/77171 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"BID:77171 | URL:http://www.securityfocus.com/bid/77171 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"BID:77216 | URL:http://www.securityfocus.com/bid/77216 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"BID:77165 | URL:http://www.securityfocus.com/bid/77165 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"BID:77165 | URL:http://www.securityfocus.com/bid/77165 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"BID:77222 | URL:http://www.securityfocus.com/bid/77222 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"BID:77222 | URL:http://www.securityfocus.com/bid/77222 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"BID:77134 | URL:http://www.securityfocus.com/bid/77134 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"BID:77196 | URL:http://www.securityfocus.com/bid/77196 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"BID:77196 | URL:http://www.securityfocus.com/bid/77196 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"BID:77237 | URL:http://www.securityfocus.com/bid/77237 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"BID:77237 | URL:http://www.securityfocus.com/bid/77237 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"BID:77228 | URL:http://www.securityfocus.com/bid/77228 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"BID:77228 | URL:http://www.securityfocus.com/bid/77228 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"BID:77170 | URL:http://www.securityfocus.com/bid/77170 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"BID:77190 | URL:http://www.securityfocus.com/bid/77190 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"BID:77190 | URL:http://www.securityfocus.com/bid/77190 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"BID:77145 | URL:http://www.securityfocus.com/bid/77145 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"BID:77145 | URL:http://www.securityfocus.com/bid/77145 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"BID:77137 | URL:http://www.securityfocus.com/bid/77137 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"BID:77137 | URL:http://www.securityfocus.com/bid/77137 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"BID:77147 | URL:http://www.securityfocus.com/bid/77147 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"BID:77187 | URL:http://www.securityfocus.com/bid/77187 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"BID:77187 | URL:http://www.securityfocus.com/bid/77187 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"BID:77132 | URL:http://www.securityfocus.com/bid/77132 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"BID:77208 | URL:http://www.securityfocus.com/bid/77208 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | EXPLOIT-DB:39867 | URL:https://www.exploit-db.com/exploits/39867/ | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"BID:77208 | URL:http://www.securityfocus.com/bid/77208 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | EXPLOIT-DB:39867 | URL:https://www.exploit-db.com/exploits/39867/ | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"BID:77140 | URL:http://www.securityfocus.com/bid/77140 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"BID:77140 | URL:http://www.securityfocus.com/bid/77140 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"BID:77231 | URL:http://www.securityfocus.com/bid/77231 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"BID:77136 | URL:http://www.securityfocus.com/bid/77136 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"BID:77219 | URL:http://www.securityfocus.com/bid/77219 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"BID:77143 | URL:http://www.securityfocus.com/bid/77143 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"BID:77234 | URL:http://www.securityfocus.com/bid/77234 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"BID:77153 | URL:http://www.securityfocus.com/bid/77153 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"BID:77153 | URL:http://www.securityfocus.com/bid/77153 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1";Assigned (20150624);"None (candidate not yet proposed)";""
+5.6.27;5;6;27;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";""
+2.17.0;2;17;0;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";""
+10.0.21;10;0;21;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";""
+2.21.1;2;21;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";""
+5.4.42;5;4;42;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";""
+5.5.26;5;5;26;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";""
+5.6.10;5;6;10;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"BID:81066 | URL:http://www.securityfocus.com/bid/81066 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708 | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"BID:81066 | URL:http://www.securityfocus.com/bid/81066 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708 | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";""
+5.7.8;5;7;8;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"BID:81066 | URL:http://www.securityfocus.com/bid/81066 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708 | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";""
+5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"BID:81066 | URL:http://www.securityfocus.com/bid/81066 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708 | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";""
+10.0.22;10;0;22;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"BID:81066 | URL:http://www.securityfocus.com/bid/81066 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708 | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";""
+10.1.9;10;1;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"BID:81066 | URL:http://www.securityfocus.com/bid/81066 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708 | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";""
+3.16.0;3;16;0;CVE-2016-10550;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS If user input goes into the `limit` or `order` parameters; a malicious user can put in their own SQL statements. This affects sequelize 3.16.0 and earlier.";"MISC:https://github.com/sequelize/sequelize/pull/5167/commits/f282d85e60e3df5e57ecdb82adccb4eaef404f03 | MISC:https://nodesecurity.io/advisories/112";Assigned (20171029);"None (candidate not yet proposed)";""
+2.1.3;2;1;3;CVE-2016-10553;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier.";"MISC:https://github.com/sequelize/sequelize/blob/master/changelog.md#300 | MISC:https://nodesecurity.io/advisories/109";Assigned (20171029);"None (candidate not yet proposed)";""
+1.7.-1;1;7;-1;CVE-2016-10554;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3; sequelize defaulted SQLite to use MySQL backslash escaping; even though SQLite uses Postgres escaping.";"MISC:https://github.com/sequelize/sequelize/commit/c876192aa6ce1f67e22b26a4d175b8478615f42d | MISC:https://nodesecurity.io/advisories/113";Assigned (20171029);"None (candidate not yet proposed)";""
+3.19.3;3;19;3;CVE-2016-10556;Candidate;"sequelize is an Object-relational mapping; or a middleman to convert things from Postgres; MySQL; MariaDB; SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres; SQLite; and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This causes potential SQL injection in sequelize 3.19.3 and earlier; where a malicious user could put `[""test""; ""'); DELETE TestTable WHERE Id = 1 --')""]` inside of ``` database.query('SELECT * FROM TestTable WHERE Name IN (:names)'; { replacements: { names: directCopyOfUserInput } }); ``` and cause the SQL statement to become `SELECT Id FROM Table WHERE Name IN ('test'; '\'); DELETE TestTable WHERE Id = 1 --')`. In Postgres; MSSQL; and SQLite; the backslash has no special meaning. This causes the the statement to delete whichever Id has a value of 1 in the TestTable table.";"MISC:https://github.com/sequelize/sequelize/issues/5671 | MISC:https://nodesecurity.io/advisories/102";Assigned (20171029);"None (candidate not yet proposed)";""
+5.5.46;5;5;46;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"BID:81810 | URL:http://www.securityfocus.com/bid/81810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606 | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1";Assigned (20160122);"None (candidate not yet proposed)";""
+10.0.22;10;0;22;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"BID:81810 | URL:http://www.securityfocus.com/bid/81810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606 | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1";Assigned (20160122);"None (candidate not yet proposed)";""
+10.1.9;10;1;9;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"BID:81810 | URL:http://www.securityfocus.com/bid/81810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606 | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1";Assigned (20160122);"None (candidate not yet proposed)";""
+5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"BID:81810 | URL:http://www.securityfocus.com/bid/81810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606 | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1";Assigned (20160122);"None (candidate not yet proposed)";""
+5.6.28;5;6;28;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"BID:81810 | URL:http://www.securityfocus.com/bid/81810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606 | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1";Assigned (20160122);"None (candidate not yet proposed)";""
+5.7.10;5;7;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"BID:81810 | URL:http://www.securityfocus.com/bid/81810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606 | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1";Assigned (20160122);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91976 | URL:http://www.securityfocus.com/bid/91976 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91910 | URL:http://www.securityfocus.com/bid/91910 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.47;5;5;47;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.28;5;6;28;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.9;5;7;9;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+10.0.24;10;0;24;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+10.1.13;10;1;13;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.29;5;6;29;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.0.24;10;0;24;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.1.13;10;1;13;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | MISC:https://www.tenable.com/security/research/tra-2016-11 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";""
+3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | MISC:https://www.tenable.com/security/research/tra-2016-11 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.48;5;5;48;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.29;5;6;29;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.0.25;10;0;25;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.1.14;10;1;14;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.51;5;5;51;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"BID:93650 | URL:http://www.securityfocus.com/bid/93650 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.32;5;6;32;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"BID:93650 | URL:http://www.securityfocus.com/bid/93650 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"BID:93650 | URL:http://www.securityfocus.com/bid/93650 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-3495;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:93670 | URL:http://www.securityfocus.com/bid/93670 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91967 | URL:http://www.securityfocus.com/bid/91967 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.48;5;5;48;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.29;5;6;29;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.0.25;10;0;25;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.1.14;10;1;14;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91983 | URL:http://www.securityfocus.com/bid/91983 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.48;5;5;48;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.6.29;5;6;29;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.0.25;10;0;25;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+10.1.14;10;1;14;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160317);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91906 | URL:http://www.securityfocus.com/bid/91906 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91917 | URL:http://www.securityfocus.com/bid/91917 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.5.48;5;5;48;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.29;5;6;29;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+10.0.25;10;0;25;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+10.1.14;10;1;14;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91915 | URL:http://www.securityfocus.com/bid/91915 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91974 | URL:http://www.securityfocus.com/bid/91974 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91963 | URL:http://www.securityfocus.com/bid/91963 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1";Assigned (20160616);"None (candidate not yet proposed)";""
+5.5.47;5;5;47;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.28;5;6;28;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.10;5;7;10;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";""
+5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";""
+10.0.24;10;0;24;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";""
+10.1.13;10;1;13;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.32;5;6;32;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:93678 | URL:http://www.securityfocus.com/bid/93678 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:93678 | URL:http://www.securityfocus.com/bid/93678 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.5.52;5;5;52;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:93735 | URL:http://www.securityfocus.com/bid/93735 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.33;5;6;33;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:93735 | URL:http://www.securityfocus.com/bid/93735 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.15;5;7;15;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"BID:93735 | URL:http://www.securityfocus.com/bid/93735 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-5625;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Packaging.";"BID:93617 | URL:http://www.securityfocus.com/bid/93617 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.31;5;6;31;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"BID:93642 | URL:http://www.securityfocus.com/bid/93642 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"BID:93642 | URL:http://www.securityfocus.com/bid/93642 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-5628;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.";"BID:93662 | URL:http://www.securityfocus.com/bid/93662 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.5.51;5;5;51;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"BID:93668 | URL:http://www.securityfocus.com/bid/93668 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.32;5;6;32;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"BID:93668 | URL:http://www.securityfocus.com/bid/93668 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"BID:93668 | URL:http://www.securityfocus.com/bid/93668 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.6.31;5;6;31;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:93674 | URL:http://www.securityfocus.com/bid/93674 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"BID:93674 | URL:http://www.securityfocus.com/bid/93674 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-5631;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.";"BID:93684 | URL:http://www.securityfocus.com/bid/93684 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-5632;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"BID:93693 | URL:http://www.securityfocus.com/bid/93693 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-5633;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-8290.";"BID:93702 | URL:http://www.securityfocus.com/bid/93702 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-5635;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.";"BID:93715 | URL:http://www.securityfocus.com/bid/93715 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";""
+5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+5.5.50;5;5;50;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+10.0.26;10;0;26;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+10.1.16;10;1;16;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+5.6.31;5;6;31;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"BID:92912 | URL:http://www.securityfocus.com/bid/92912 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";""
+5.5.51;5;5;51;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+5.6.32;5;6;32;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+8.0.0;8;0;0;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+10.0.27;10;0;27;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+10.1.17;10;1;17;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+5.5.50;5;5;50;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+5.6.31;5;6;31;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html";Assigned (20160810);"None (candidate not yet proposed)";""
+5.5.50;5;5;50;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BID:93612 | URL:http://www.securityfocus.com/bid/93612 | BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/539695/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574";Assigned (20160810);"None (candidate not yet proposed)";""
+5.6.31;5;6;31;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BID:93612 | URL:http://www.securityfocus.com/bid/93612 | BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/539695/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574";Assigned (20160810);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BID:93612 | URL:http://www.securityfocus.com/bid/93612 | BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/539695/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574";Assigned (20160810);"None (candidate not yet proposed)";""
+5.5.40;5;5;40;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BID:93612 | URL:http://www.securityfocus.com/bid/93612 | BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/539695/100/0/threaded | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574";Assigned (20160810);"None (candidate not yet proposed)";""
+5.6.25;5;6;25;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"BID:93005 | URL:http://www.securityfocus.com/bid/93005 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | CONFIRM:https://www.tenable.com/security/tns-2016-19 | GENTOO:GLSA-201611-22 | URL:https://security.gentoo.org/glsa/201611-22 | MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | REDHAT:RHSA-2018:1296 | URL:https://access.redhat.com/errata/RHSA-2018:1296 | SECTRACK:1036836 | URL:http://www.securitytracker.com/id/1036836";Assigned (20160909);"None (candidate not yet proposed)";""
+7.0.10;7;0;10;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"BID:93005 | URL:http://www.securityfocus.com/bid/93005 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | CONFIRM:https://www.tenable.com/security/tns-2016-19 | GENTOO:GLSA-201611-22 | URL:https://security.gentoo.org/glsa/201611-22 | MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | REDHAT:RHSA-2018:1296 | URL:https://access.redhat.com/errata/RHSA-2018:1296 | SECTRACK:1036836 | URL:http://www.securitytracker.com/id/1036836";Assigned (20160909);"None (candidate not yet proposed)";""
+5.5.51;5;5;51;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:93737 | URL:http://www.securityfocus.com/bid/93737 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.6.32;5;6;32;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:93737 | URL:http://www.securityfocus.com/bid/93737 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"BID:93737 | URL:http://www.securityfocus.com/bid/93737 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.6.31;5;6;31;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"BID:93755 | URL:http://www.securityfocus.com/bid/93755 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"BID:93755 | URL:http://www.securityfocus.com/bid/93755 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.14;5;7;14;CVE-2016-8286;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.";"BID:93745 | URL:http://www.securityfocus.com/bid/93745 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-8287;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"BID:93727 | URL:http://www.securityfocus.com/bid/93727 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.6.30;5;6;30;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"BID:93740 | URL:http://www.securityfocus.com/bid/93740 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.12;5;7;12;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"BID:93740 | URL:http://www.securityfocus.com/bid/93740 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-8289;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.";"BID:93720 | URL:http://www.securityfocus.com/bid/93720 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.13;5;7;13;CVE-2016-8290;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-5633.";"BID:93733 | URL:http://www.securityfocus.com/bid/93733 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"BID:95580 | URL:http://www.securityfocus.com/bid/95580 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"BID:95580 | URL:http://www.securityfocus.com/bid/95580 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"BID:95557 | URL:http://www.securityfocus.com/bid/95557 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"BID:95557 | URL:http://www.securityfocus.com/bid/95557 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:101402 | URL:http://www.securityfocus.com/bid/101402 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:101402 | URL:http://www.securityfocus.com/bid/101402 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10165;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101424 | URL:http://www.securityfocus.com/bid/101424 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10167;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101433 | URL:http://www.securityfocus.com/bid/101433 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10227;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101337 | URL:http://www.securityfocus.com/bid/101337 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10227;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101337 | URL:http://www.securityfocus.com/bid/101337 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.5.57;5;5;57;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"BID:101390 | URL:http://www.securityfocus.com/bid/101390 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"BID:101390 | URL:http://www.securityfocus.com/bid/101390 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"BID:101390 | URL:http://www.securityfocus.com/bid/101390 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101441 | URL:http://www.securityfocus.com/bid/101441 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101441 | URL:http://www.securityfocus.com/bid/101441 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-10279;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101316 | URL:http://www.securityfocus.com/bid/101316 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-10279;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101316 | URL:http://www.securityfocus.com/bid/101316 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101420 | URL:http://www.securityfocus.com/bid/101420 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101420 | URL:http://www.securityfocus.com/bid/101420 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-10284;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Stored Procedure). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101385 | URL:http://www.securityfocus.com/bid/101385 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10286;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101397 | URL:http://www.securityfocus.com/bid/101397 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10286;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101397 | URL:http://www.securityfocus.com/bid/101397 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10294;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101444 | URL:http://www.securityfocus.com/bid/101444 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10294;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101444 | URL:http://www.securityfocus.com/bid/101444 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-10296;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101373 | URL:http://www.securityfocus.com/bid/101373 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10311;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101446 | URL:http://www.securityfocus.com/bid/101446 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101448 | URL:http://www.securityfocus.com/bid/101448 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10314;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101314 | URL:http://www.securityfocus.com/bid/101314 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10314;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101314 | URL:http://www.securityfocus.com/bid/101314 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10320;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:101410 | URL:http://www.securityfocus.com/bid/101410 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-10365;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).";"BID:101429 | URL:http://www.securityfocus.com/bid/101429 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.5.57;5;5;57;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101375 | URL:http://www.securityfocus.com/bid/101375 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101375 | URL:http://www.securityfocus.com/bid/101375 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101375 | URL:http://www.securityfocus.com/bid/101375 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.5.57;5;5;57;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"BID:101415 | URL:http://www.securityfocus.com/bid/101415 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"BID:101415 | URL:http://www.securityfocus.com/bid/101415 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"BID:101415 | URL:http://www.securityfocus.com/bid/101415 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.5.57;5;5;57;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101406 | URL:http://www.securityfocus.com/bid/101406 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.6.37;5;6;37;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101406 | URL:http://www.securityfocus.com/bid/101406 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:101406 | URL:http://www.securityfocus.com/bid/101406 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";""
+10.1.29;10;1;29;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258";Assigned (20171015);"None (candidate not yet proposed)";""
+10.2.9;10;2;9;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258";Assigned (20171015);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258";Assigned (20171015);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258";Assigned (20171015);"None (candidate not yet proposed)";""
+5.0.-1;5;0;-1;CVE-2017-16540;Candidate;"OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.";"BID:101983 | URL:http://www.securityfocus.com/bid/101983 | MISC:http://www.open-emr.org/wiki/index.php/OpenEMR_Patches | MISC:https://isears.github.io/jekyll/update/2017/10/28/openemr-database-disclosure.html";Assigned (20171104);"None (candidate not yet proposed)";""
+67.9999.102;67;9999;102;CVE-2017-18410;Candidate;"In cPanel before 67.9999.103; a user account's backup archive could contain all MySQL databases on the server (SEC-284).";"CONFIRM:https://documentation.cpanel.net/display/CL/68+Change+Log";Assigned (20190731);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95571 | URL:http://www.securityfocus.com/bid/95571 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95571 | URL:http://www.securityfocus.com/bid/95571 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95571 | URL:http://www.securityfocus.com/bid/95571 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3243;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"BID:95538 | URL:http://www.securityfocus.com/bid/95538 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95565 | URL:http://www.securityfocus.com/bid/95565 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95565 | URL:http://www.securityfocus.com/bid/95565 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95565 | URL:http://www.securityfocus.com/bid/95565 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3251;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).";"BID:95482 | URL:http://www.securityfocus.com/bid/95482 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3256;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95486 | URL:http://www.securityfocus.com/bid/95486 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95589 | URL:http://www.securityfocus.com/bid/95589 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95589 | URL:http://www.securityfocus.com/bid/95589 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95560 | URL:http://www.securityfocus.com/bid/95560 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95560 | URL:http://www.securityfocus.com/bid/95560 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95560 | URL:http://www.securityfocus.com/bid/95560 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"BID:95520 | URL:http://www.securityfocus.com/bid/95520 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"BID:95520 | URL:http://www.securityfocus.com/bid/95520 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"BID:95520 | URL:http://www.securityfocus.com/bid/95520 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95583 | URL:http://www.securityfocus.com/bid/95583 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"BID:95583 | URL:http://www.securityfocus.com/bid/95583 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"BID:95501 | URL:http://www.securityfocus.com/bid/95501 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"BID:95501 | URL:http://www.securityfocus.com/bid/95501 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"BID:95501 | URL:http://www.securityfocus.com/bid/95501 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.55;5;5;55;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client; aka; ""The Riddle"".";"BID:97023 | URL:http://www.securityfocus.com/bid/97023 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | MISC:http://riddle.link/ | MLIST:[oss-security] 20170317 CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure) | URL:http://www.openwall.com/lists/oss-security/2017/03/17/3 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client; aka; ""The Riddle"".";"BID:97023 | URL:http://www.securityfocus.com/bid/97023 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | MISC:http://riddle.link/ | MLIST:[oss-security] 20170317 CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure) | URL:http://www.openwall.com/lists/oss-security/2017/03/17/3 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+3.1.6;3;1;6;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"BID:97724 | URL:http://www.securityfocus.com/bid/97724 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+3.2.1182;3;2;1182;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"BID:97724 | URL:http://www.securityfocus.com/bid/97724 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+3.3.2;3;3;2;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"BID:97724 | URL:http://www.securityfocus.com/bid/97724 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+3.1.6;3;1;6;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"BID:97844 | URL:http://www.securityfocus.com/bid/97844 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+3.2.1182;3;2;1182;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"BID:97844 | URL:http://www.securityfocus.com/bid/97844 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+3.3.2;3;3;2;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"BID:97844 | URL:http://www.securityfocus.com/bid/97844 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:97725 | URL:http://www.securityfocus.com/bid/97725 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:97725 | URL:http://www.securityfocus.com/bid/97725 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:97725 | URL:http://www.securityfocus.com/bid/97725 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:97742 | URL:http://www.securityfocus.com/bid/97742 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:97742 | URL:http://www.securityfocus.com/bid/97742 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:97742 | URL:http://www.securityfocus.com/bid/97742 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"BID:95491 | URL:http://www.securityfocus.com/bid/95491 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"BID:95491 | URL:http://www.securityfocus.com/bid/95491 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"BID:95491 | URL:http://www.securityfocus.com/bid/95491 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"BID:95527 | URL:http://www.securityfocus.com/bid/95527 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"BID:95527 | URL:http://www.securityfocus.com/bid/95527 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"BID:95527 | URL:http://www.securityfocus.com/bid/95527 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"BID:95585 | URL:http://www.securityfocus.com/bid/95585 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"BID:95585 | URL:http://www.securityfocus.com/bid/95585 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"BID:95585 | URL:http://www.securityfocus.com/bid/95585 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.53;5;5;53;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"BID:95588 | URL:http://www.securityfocus.com/bid/95588 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.34;5;6;34;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"BID:95588 | URL:http://www.securityfocus.com/bid/95588 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"BID:95588 | URL:http://www.securityfocus.com/bid/95588 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3319;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).";"BID:95479 | URL:http://www.securityfocus.com/bid/95479 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3320;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).";"BID:95470 | URL:http://www.securityfocus.com/bid/95470 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:97763 | URL:http://www.securityfocus.com/bid/97763 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:97763 | URL:http://www.securityfocus.com/bid/97763 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:97763 | URL:http://www.securityfocus.com/bid/97763 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.11;5;7;11;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:97772 | URL:http://www.securityfocus.com/bid/97772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:97772 | URL:http://www.securityfocus.com/bid/97772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:97747 | URL:http://www.securityfocus.com/bid/97747 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:97747 | URL:http://www.securityfocus.com/bid/97747 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3452;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:97779 | URL:http://www.securityfocus.com/bid/97779 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:97776 | URL:http://www.securityfocus.com/bid/97776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:97776 | URL:http://www.securityfocus.com/bid/97776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:97776 | URL:http://www.securityfocus.com/bid/97776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3454;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:97791 | URL:http://www.securityfocus.com/bid/97791 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3455;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).";"BID:97820 | URL:http://www.securityfocus.com/bid/97820 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97831 | URL:http://www.securityfocus.com/bid/97831 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97831 | URL:http://www.securityfocus.com/bid/97831 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97831 | URL:http://www.securityfocus.com/bid/97831 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3457;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97845 | URL:http://www.securityfocus.com/bid/97845 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3458;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97837 | URL:http://www.securityfocus.com/bid/97837 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3459;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97847 | URL:http://www.securityfocus.com/bid/97847 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3460;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97826 | URL:http://www.securityfocus.com/bid/97826 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97812 | URL:http://www.securityfocus.com/bid/97812 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97812 | URL:http://www.securityfocus.com/bid/97812 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97812 | URL:http://www.securityfocus.com/bid/97812 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97851 | URL:http://www.securityfocus.com/bid/97851 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97851 | URL:http://www.securityfocus.com/bid/97851 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97851 | URL:http://www.securityfocus.com/bid/97851 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97849 | URL:http://www.securityfocus.com/bid/97849 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97849 | URL:http://www.securityfocus.com/bid/97849 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:97849 | URL:http://www.securityfocus.com/bid/97849 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:97818 | URL:http://www.securityfocus.com/bid/97818 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:97818 | URL:http://www.securityfocus.com/bid/97818 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:97818 | URL:http://www.securityfocus.com/bid/97818 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3465;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:97822 | URL:http://www.securityfocus.com/bid/97822 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3467;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"BID:97825 | URL:http://www.securityfocus.com/bid/97825 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3468;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:97848 | URL:http://www.securityfocus.com/bid/97848 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3529;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:99746 | URL:http://www.securityfocus.com/bid/99746 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"BID:97754 | URL:http://www.securityfocus.com/bid/97754 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | EXPLOIT-DB:41954 | URL:https://www.exploit-db.com/exploits/41954/ | MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"BID:97754 | URL:http://www.securityfocus.com/bid/97754 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | EXPLOIT-DB:41954 | URL:https://www.exploit-db.com/exploits/41954/ | MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.54;5;5;54;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"BID:97765 | URL:http://www.securityfocus.com/bid/97765 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.35;5;6;35;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"BID:97765 | URL:http://www.securityfocus.com/bid/97765 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.17;5;7;17;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"BID:97765 | URL:http://www.securityfocus.com/bid/97765 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3633;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).";"BID:99722 | URL:http://www.securityfocus.com/bid/99722 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3633;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).";"BID:99722 | URL:http://www.securityfocus.com/bid/99722 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3634;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:99729 | URL:http://www.securityfocus.com/bid/99729 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3634;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:99729 | URL:http://www.securityfocus.com/bid/99729 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.56;5;5;56;CVE-2017-3636;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).";"BID:99736 | URL:http://www.securityfocus.com/bid/99736 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3636;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).";"BID:99736 | URL:http://www.securityfocus.com/bid/99736 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3637;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:99748 | URL:http://www.securityfocus.com/bid/99748 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3638;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99778 | URL:http://www.securityfocus.com/bid/99778 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3639;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99753 | URL:http://www.securityfocus.com/bid/99753 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99765 | URL:http://www.securityfocus.com/bid/99765 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.56;5;5;56;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99767 | URL:http://www.securityfocus.com/bid/99767 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99767 | URL:http://www.securityfocus.com/bid/99767 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99767 | URL:http://www.securityfocus.com/bid/99767 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3642;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99779 | URL:http://www.securityfocus.com/bid/99779 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3643;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99772 | URL:http://www.securityfocus.com/bid/99772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3644;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99775 | URL:http://www.securityfocus.com/bid/99775 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99783 | URL:http://www.securityfocus.com/bid/99783 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.16;5;7;16;CVE-2017-3646;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99786 | URL:http://www.securityfocus.com/bid/99786 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99796 | URL:http://www.securityfocus.com/bid/99796 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99796 | URL:http://www.securityfocus.com/bid/99796 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.56;5;5;56;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99789 | URL:http://www.securityfocus.com/bid/99789 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99789 | URL:http://www.securityfocus.com/bid/99789 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99789 | URL:http://www.securityfocus.com/bid/99789 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3649;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99799 | URL:http://www.securityfocus.com/bid/99799 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3649;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:99799 | URL:http://www.securityfocus.com/bid/99799 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3650;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"BID:99808 | URL:http://www.securityfocus.com/bid/99808 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.56;5;5;56;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:99802 | URL:http://www.securityfocus.com/bid/99802 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:99802 | URL:http://www.securityfocus.com/bid/99802 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:99802 | URL:http://www.securityfocus.com/bid/99802 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.56;5;5;56;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"BID:99805 | URL:http://www.securityfocus.com/bid/99805 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"BID:99805 | URL:http://www.securityfocus.com/bid/99805 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"BID:99805 | URL:http://www.securityfocus.com/bid/99805 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.5.56;5;5;56;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:99810 | URL:http://www.securityfocus.com/bid/99810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.6.36;5;6;36;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:99810 | URL:http://www.securityfocus.com/bid/99810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:99810 | URL:http://www.securityfocus.com/bid/99810 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";""
+1.1.54389;1;1;54389;CVE-2018-14669;Candidate;"ClickHouse MySQL client before versions 1.1.54390 had ""LOAD DATA LOCAL INFILE"" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server.";"MISC:https://clickhouse.yandex/docs/en/security_changelog/";Assigned (20180727);"None (candidate not yet proposed)";""
+5.5.58;5;5;58;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"BID:102713 | URL:http://www.securityfocus.com/bid/102713 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"BID:102713 | URL:http://www.securityfocus.com/bid/102713 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"BID:102713 | URL:http://www.securityfocus.com/bid/102713 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2565;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102712 | URL:http://www.securityfocus.com/bid/102712 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2573;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102710 | URL:http://www.securityfocus.com/bid/102710 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2573;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102710 | URL:http://www.securityfocus.com/bid/102710 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2576;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102695 | URL:http://www.securityfocus.com/bid/102695 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2583;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).";"BID:102708 | URL:http://www.securityfocus.com/bid/102708 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2583;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).";"BID:102708 | URL:http://www.securityfocus.com/bid/102708 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2586;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102700 | URL:http://www.securityfocus.com/bid/102700 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2590;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102697 | URL:http://www.securityfocus.com/bid/102697 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2590;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102697 | URL:http://www.securityfocus.com/bid/102697 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2591;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102714 | URL:http://www.securityfocus.com/bid/102714 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.19;5;7;19;CVE-2018-2591;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102714 | URL:http://www.securityfocus.com/bid/102714 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102696 | URL:http://www.securityfocus.com/bid/102696 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2612;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"BID:102709 | URL:http://www.securityfocus.com/bid/102709 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2612;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"BID:102709 | URL:http://www.securityfocus.com/bid/102709 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.58;5;5;58;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102706 | URL:http://www.securityfocus.com/bid/102706 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102706 | URL:http://www.securityfocus.com/bid/102706 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102706 | URL:http://www.securityfocus.com/bid/102706 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.58;5;5;58;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102678 | URL:http://www.securityfocus.com/bid/102678 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102678 | URL:http://www.securityfocus.com/bid/102678 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102678 | URL:http://www.securityfocus.com/bid/102678 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"BID:102698 | URL:http://www.securityfocus.com/bid/102698 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"BID:102698 | URL:http://www.securityfocus.com/bid/102698 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2646;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102703 | URL:http://www.securityfocus.com/bid/102703 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:102711 | URL:http://www.securityfocus.com/bid/102711 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:102711 | URL:http://www.securityfocus.com/bid/102711 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.58;5;5;58;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102681 | URL:http://www.securityfocus.com/bid/102681 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102681 | URL:http://www.securityfocus.com/bid/102681 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102681 | URL:http://www.securityfocus.com/bid/102681 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2667;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:102685 | URL:http://www.securityfocus.com/bid/102685 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.58;5;5;58;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102682 | URL:http://www.securityfocus.com/bid/102682 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102682 | URL:http://www.securityfocus.com/bid/102682 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102682 | URL:http://www.securityfocus.com/bid/102682 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2696;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:102701 | URL:http://www.securityfocus.com/bid/102701 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2696;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:102701 | URL:http://www.securityfocus.com/bid/102701 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.38;5;6;38;CVE-2018-2703;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102704 | URL:http://www.securityfocus.com/bid/102704 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.20;5;7;20;CVE-2018-2703;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:102704 | URL:http://www.securityfocus.com/bid/102704 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"BID:103807 | URL:http://www.securityfocus.com/bid/103807 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"BID:103807 | URL:http://www.securityfocus.com/bid/103807 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"BID:103807 | URL:http://www.securityfocus.com/bid/103807 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103802 | URL:http://www.securityfocus.com/bid/103802 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103802 | URL:http://www.securityfocus.com/bid/103802 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2759;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103780 | URL:http://www.securityfocus.com/bid/103780 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:103820 | URL:http://www.securityfocus.com/bid/103820 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:103820 | URL:http://www.securityfocus.com/bid/103820 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:103820 | URL:http://www.securityfocus.com/bid/103820 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2762;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103794 | URL:http://www.securityfocus.com/bid/103794 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2766;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103805 | URL:http://www.securityfocus.com/bid/103805 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2766;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103805 | URL:http://www.securityfocus.com/bid/103805 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.60;5;5;60;CVE-2018-2767;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:103954 | URL:http://www.securityfocus.com/bid/103954 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.40;5;6;40;CVE-2018-2767;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:103954 | URL:http://www.securityfocus.com/bid/103954 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-2767;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:103954 | URL:http://www.securityfocus.com/bid/103954 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2769;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103876 | URL:http://www.securityfocus.com/bid/103876 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103828 | URL:http://www.securityfocus.com/bid/103828 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103828 | URL:http://www.securityfocus.com/bid/103828 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103828 | URL:http://www.securityfocus.com/bid/103828 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103811 | URL:http://www.securityfocus.com/bid/103811 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103811 | URL:http://www.securityfocus.com/bid/103811 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103811 | URL:http://www.securityfocus.com/bid/103811 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2775;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103777 | URL:http://www.securityfocus.com/bid/103777 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2776;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103791 | URL:http://www.securityfocus.com/bid/103791 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2777;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103781 | URL:http://www.securityfocus.com/bid/103781 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2778;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103785 | URL:http://www.securityfocus.com/bid/103785 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2779;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103787 | URL:http://www.securityfocus.com/bid/103787 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2780;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103778 | URL:http://www.securityfocus.com/bid/103778 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103825 | URL:http://www.securityfocus.com/bid/103825 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103825 | URL:http://www.securityfocus.com/bid/103825 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103825 | URL:http://www.securityfocus.com/bid/103825 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2782;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103799 | URL:http://www.securityfocus.com/bid/103799 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2782;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103799 | URL:http://www.securityfocus.com/bid/103799 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2784;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103801 | URL:http://www.securityfocus.com/bid/103801 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2784;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103801 | URL:http://www.securityfocus.com/bid/103801 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2786;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:103779 | URL:http://www.securityfocus.com/bid/103779 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2787;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:103804 | URL:http://www.securityfocus.com/bid/103804 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2787;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:103804 | URL:http://www.securityfocus.com/bid/103804 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2805;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). Supported versions that are affected are 5.6.39 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103831 | URL:http://www.securityfocus.com/bid/103831 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2810;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103783 | URL:http://www.securityfocus.com/bid/103783 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2812;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:103836 | URL:http://www.securityfocus.com/bid/103836 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:103830 | URL:http://www.securityfocus.com/bid/103830 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:103830 | URL:http://www.securityfocus.com/bid/103830 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:103830 | URL:http://www.securityfocus.com/bid/103830 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2816;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103789 | URL:http://www.securityfocus.com/bid/103789 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103818 | URL:http://www.securityfocus.com/bid/103818 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103818 | URL:http://www.securityfocus.com/bid/103818 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103818 | URL:http://www.securityfocus.com/bid/103818 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103824 | URL:http://www.securityfocus.com/bid/103824 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103824 | URL:http://www.securityfocus.com/bid/103824 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103824 | URL:http://www.securityfocus.com/bid/103824 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.59;5;5;59;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103814 | URL:http://www.securityfocus.com/bid/103814 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.39;5;6;39;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103814 | URL:http://www.securityfocus.com/bid/103814 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:103814 | URL:http://www.securityfocus.com/bid/103814 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | REDHAT:RHSA-2018:2439 | URL:https://access.redhat.com/errata/RHSA-2018:2439 | REDHAT:RHSA-2018:2729 | URL:https://access.redhat.com/errata/RHSA-2018:2729 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2839;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103845 | URL:http://www.securityfocus.com/bid/103845 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.21;5;7;21;CVE-2018-2846;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:103790 | URL:http://www.securityfocus.com/bid/103790 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-3 | URL:https://usn.ubuntu.com/3629-3/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3054;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3054;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3056;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3056;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.60;5;5;60;CVE-2018-3058;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.40;5;6;40;CVE-2018-3058;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3058;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3060;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3060;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3061;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104785 | URL:http://www.securityfocus.com/bid/104785 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.40;5;6;40;CVE-2018-3062;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104776 | URL:http://www.securityfocus.com/bid/104776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3062;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104776 | URL:http://www.securityfocus.com/bid/104776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3062;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104776 | URL:http://www.securityfocus.com/bid/104776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.60;5;5;60;CVE-2018-3063;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104786 | URL:http://www.securityfocus.com/bid/104786 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.40;5;6;40;CVE-2018-3064;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"BID:104776 | URL:http://www.securityfocus.com/bid/104776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3064;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"BID:104776 | URL:http://www.securityfocus.com/bid/104776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3064;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior; 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"BID:104776 | URL:http://www.securityfocus.com/bid/104776 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3065;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3065;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.60;5;5;60;CVE-2018-3066;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.40;5;6;40;CVE-2018-3066;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3066;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3067;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.60;5;5;60;CVE-2018-3070;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.40;5;6;40;CVE-2018-3070;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3070;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior; 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104766 | URL:http://www.securityfocus.com/bid/104766 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/ | UBUNTU:USN-3725-2 | URL:https://usn.ubuntu.com/3725-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3071;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104784 | URL:http://www.securityfocus.com/bid/104784 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3073;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3074;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3075;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.22;5;7;22;CVE-2018-3077;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3077;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104769 | URL:http://www.securityfocus.com/bid/104769 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294 | UBUNTU:USN-3725-1 | URL:https://usn.ubuntu.com/3725-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3078;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3079;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3080;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3082;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"BID:104772 | URL:http://www.securityfocus.com/bid/104772 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.11;8;0;11;CVE-2018-3084;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Core / Client). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 2.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).";"BID:104788 | URL:http://www.securityfocus.com/bid/104788 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180726-0002/ | SECTRACK:1041294 | URL:http://www.securitytracker.com/id/1041294";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2018-3123;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2018-3123;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2018-3123;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.61;5;5;61;CVE-2018-3133;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3133;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3133;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3133;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3137;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3143;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3143;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3143;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3144;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3144;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3145;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3156;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3156;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3156;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3161;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3161;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3162;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3162;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3170;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3171;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3171;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3173;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3173;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.61;5;5;61;CVE-2018-3174;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).";"BID:105612 | URL:http://www.securityfocus.com/bid/105612 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3174;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).";"BID:105612 | URL:http://www.securityfocus.com/bid/105612 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3174;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).";"BID:105612 | URL:http://www.securityfocus.com/bid/105612 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3174;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).";"BID:105612 | URL:http://www.securityfocus.com/bid/105612 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3182;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3185;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3185;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3186;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3187;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3187;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3195;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3200;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3200;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3203;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3212;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Information Schema). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3247;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Merge). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3247;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Merge). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3247;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Merge). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3251;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3251;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3251;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3277;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3277;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3278;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3278;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3278;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105600 | URL:http://www.securityfocus.com/bid/105600 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3279;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3280;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: JSON). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+5.5.61;5;5;61;CVE-2018-3282;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.6.41;5;6;41;CVE-2018-3282;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3282;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3282;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior; 5.6.41 and prior; 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105610 | URL:http://www.securityfocus.com/bid/105610 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | DEBIAN:DSA-4341 | URL:https://www.debian.org/security/2018/dsa-4341 | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00007.html | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/ | UBUNTU:USN-3799-2 | URL:https://usn.ubuntu.com/3799-2/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2018-3284;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3284;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105594 | URL:http://www.securityfocus.com/bid/105594 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2018:3655 | URL:https://access.redhat.com/errata/RHSA-2018:3655 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888 | UBUNTU:USN-3799-1 | URL:https://usn.ubuntu.com/3799-1/";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3285;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Windows). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2018-3286;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"BID:105607 | URL:http://www.securityfocus.com/bid/105607 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ | SECTRACK:1041888 | URL:http://www.securitytracker.com/id/1041888";Assigned (20171215);"None (candidate not yet proposed)";""
+0.37.12;0;37;12;CVE-2018-6617;Candidate;"Easy Hosting Control Panel (EHCP) v0.37.12.b; when using a local MySQL server; allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password.";"MISC:http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-UNVERIFIED-PASSWORD-CHANGE.txt | MISC:http://packetstormsecurity.com/files/147558/Easy-Hosting-Control-Panel-0.37.12.b-Unverified-Password-Change.html";Assigned (20180204);"None (candidate not yet proposed)";""
+18.3.4;18;3;4;CVE-2019-1010259;Candidate;"SaltStack Salt 2018.3; 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.";"MISC:https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a | MISC:https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534 | MISC:https://github.com/saltstack/salt/pull/51462";Assigned (20190320);"None (candidate not yet proposed)";""
+9.0.1;9;0;1;CVE-2019-11200;Candidate;"Dolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs up the database content to a dump file. However; the application performs insufficient checks on the export parameters to mysqldump; which can lead to execution of arbitrary binaries on the server. (Malicious binaries can be uploaded by abusing other functionalities of the application.)";"MISC:https://know.bishopfox.com/advisories/dolibarr-version-9-0-1-vulnerabilities";Assigned (20190411);"None (candidate not yet proposed)";""
+2.9.8;2;9;8;CVE-2019-12086;Candidate;"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint; the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath; and an attacker can host a crafted MySQL server reachable by the victim; an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.";"BID:109227 | URL:http://www.securityfocus.com/bid/109227 | BUGTRAQ:20190527 [SECURITY] [DSA 4452-1] jackson-databind security update | URL:https://seclists.org/bugtraq/2019/May/68 | CONFIRM:https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9 | URL:https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9 | CONFIRM:https://security.netapp.com/advisory/ntap-20190530-0003/ | URL:https://security.netapp.com/advisory/ntap-20190530-0003/ | DEBIAN:DSA-4452 | URL:https://www.debian.org/security/2019/dsa-4452 | FEDORA:FEDORA-2019-99ff6aa32c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/ | FEDORA:FEDORA-2019-ae6a703b8f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/ | FEDORA:FEDORA-2019-fb23eccc03 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/ | MISC:http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/ | URL:http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/ | MISC:https://github.com/FasterXML/jackson-databind/issues/2326 | URL:https://github.com/FasterXML/jackson-databind/issues/2326 | MISC:https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 | URL:https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 | MISC:https://www.oracle.com/security-alerts/cpuApr2021.html | URL:https://www.oracle.com/security-alerts/cpuApr2021.html | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | URL:https://www.oracle.com/security-alerts/cpuapr2020.html | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | URL:https://www.oracle.com/security-alerts/cpujan2020.html | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MISC:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | URL:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | MISC:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | URL:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | MLIST:[cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities | URL:https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E | MLIST:[debian-lts-announce] 20190521 [SECURITY] [DLA 1798-1] jackson-databind security update | URL:https://lists.debian.org/debian-lts-announce/2019/05/msg00030.html | MLIST:[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities | URL:https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E | MLIST:[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities | URL:https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E | MLIST:[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities | URL:https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E | MLIST:[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1 | URL:https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E | MLIST:[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E | MLIST:[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E | MLIST:[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E | MLIST:[spark-reviews] 20190520 [GitHub] [spark] Fokko opened a new pull request #24646: Spark 27757 | URL:https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E | REDHAT:RHSA-2019:2858 | URL:https://access.redhat.com/errata/RHSA-2019:2858 | REDHAT:RHSA-2019:2935 | URL:https://access.redhat.com/errata/RHSA-2019:2935 | REDHAT:RHSA-2019:2936 | URL:https://access.redhat.com/errata/RHSA-2019:2936 | REDHAT:RHSA-2019:2937 | URL:https://access.redhat.com/errata/RHSA-2019:2937 | REDHAT:RHSA-2019:2938 | URL:https://access.redhat.com/errata/RHSA-2019:2938 | REDHAT:RHSA-2019:2998 | URL:https://access.redhat.com/errata/RHSA-2019:2998 | REDHAT:RHSA-2019:3044 | URL:https://access.redhat.com/errata/RHSA-2019:3044 | REDHAT:RHSA-2019:3045 | URL:https://access.redhat.com/errata/RHSA-2019:3045 | REDHAT:RHSA-2019:3046 | URL:https://access.redhat.com/errata/RHSA-2019:3046 | REDHAT:RHSA-2019:3050 | URL:https://access.redhat.com/errata/RHSA-2019:3050 | REDHAT:RHSA-2019:3149 | URL:https://access.redhat.com/errata/RHSA-2019:3149 | REDHAT:RHSA-2019:3200 | URL:https://access.redhat.com/errata/RHSA-2019:3200";Assigned (20190513);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-12086;Candidate;"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint; the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath; and an attacker can host a crafted MySQL server reachable by the victim; an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.";"BID:109227 | URL:http://www.securityfocus.com/bid/109227 | BUGTRAQ:20190527 [SECURITY] [DSA 4452-1] jackson-databind security update | URL:https://seclists.org/bugtraq/2019/May/68 | CONFIRM:https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9 | URL:https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9 | CONFIRM:https://security.netapp.com/advisory/ntap-20190530-0003/ | URL:https://security.netapp.com/advisory/ntap-20190530-0003/ | DEBIAN:DSA-4452 | URL:https://www.debian.org/security/2019/dsa-4452 | FEDORA:FEDORA-2019-99ff6aa32c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/ | FEDORA:FEDORA-2019-ae6a703b8f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/ | FEDORA:FEDORA-2019-fb23eccc03 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/ | MISC:http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/ | URL:http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/ | MISC:https://github.com/FasterXML/jackson-databind/issues/2326 | URL:https://github.com/FasterXML/jackson-databind/issues/2326 | MISC:https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 | URL:https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 | MISC:https://www.oracle.com/security-alerts/cpuApr2021.html | URL:https://www.oracle.com/security-alerts/cpuApr2021.html | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | URL:https://www.oracle.com/security-alerts/cpuapr2020.html | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | URL:https://www.oracle.com/security-alerts/cpujan2020.html | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MISC:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | URL:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | MISC:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | URL:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | MLIST:[cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities | URL:https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E | MLIST:[debian-lts-announce] 20190521 [SECURITY] [DLA 1798-1] jackson-databind security update | URL:https://lists.debian.org/debian-lts-announce/2019/05/msg00030.html | MLIST:[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities | URL:https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E | MLIST:[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities | URL:https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E | MLIST:[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities | URL:https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E | MLIST:[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1 | URL:https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E | MLIST:[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E | MLIST:[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E | MLIST:[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E | MLIST:[spark-reviews] 20190520 [GitHub] [spark] Fokko opened a new pull request #24646: Spark 27757 | URL:https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E | REDHAT:RHSA-2019:2858 | URL:https://access.redhat.com/errata/RHSA-2019:2858 | REDHAT:RHSA-2019:2935 | URL:https://access.redhat.com/errata/RHSA-2019:2935 | REDHAT:RHSA-2019:2936 | URL:https://access.redhat.com/errata/RHSA-2019:2936 | REDHAT:RHSA-2019:2937 | URL:https://access.redhat.com/errata/RHSA-2019:2937 | REDHAT:RHSA-2019:2938 | URL:https://access.redhat.com/errata/RHSA-2019:2938 | REDHAT:RHSA-2019:2998 | URL:https://access.redhat.com/errata/RHSA-2019:2998 | REDHAT:RHSA-2019:3044 | URL:https://access.redhat.com/errata/RHSA-2019:3044 | REDHAT:RHSA-2019:3045 | URL:https://access.redhat.com/errata/RHSA-2019:3045 | REDHAT:RHSA-2019:3046 | URL:https://access.redhat.com/errata/RHSA-2019:3046 | REDHAT:RHSA-2019:3050 | URL:https://access.redhat.com/errata/RHSA-2019:3050 | REDHAT:RHSA-2019:3149 | URL:https://access.redhat.com/errata/RHSA-2019:3149 | REDHAT:RHSA-2019:3200 | URL:https://access.redhat.com/errata/RHSA-2019:3200";Assigned (20190513);"None (candidate not yet proposed)";""
+8.4.0;8;4;0;CVE-2019-12086;Candidate;"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint; the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath; and an attacker can host a crafted MySQL server reachable by the victim; an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.";"BID:109227 | URL:http://www.securityfocus.com/bid/109227 | BUGTRAQ:20190527 [SECURITY] [DSA 4452-1] jackson-databind security update | URL:https://seclists.org/bugtraq/2019/May/68 | CONFIRM:https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9 | URL:https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9 | CONFIRM:https://security.netapp.com/advisory/ntap-20190530-0003/ | URL:https://security.netapp.com/advisory/ntap-20190530-0003/ | DEBIAN:DSA-4452 | URL:https://www.debian.org/security/2019/dsa-4452 | FEDORA:FEDORA-2019-99ff6aa32c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/ | FEDORA:FEDORA-2019-ae6a703b8f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/ | FEDORA:FEDORA-2019-fb23eccc03 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/ | MISC:http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/ | URL:http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/ | MISC:https://github.com/FasterXML/jackson-databind/issues/2326 | URL:https://github.com/FasterXML/jackson-databind/issues/2326 | MISC:https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 | URL:https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 | MISC:https://www.oracle.com/security-alerts/cpuApr2021.html | URL:https://www.oracle.com/security-alerts/cpuApr2021.html | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | URL:https://www.oracle.com/security-alerts/cpuapr2020.html | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | URL:https://www.oracle.com/security-alerts/cpujan2020.html | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MISC:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | URL:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | MISC:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | URL:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | MLIST:[cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities | URL:https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E | MLIST:[debian-lts-announce] 20190521 [SECURITY] [DLA 1798-1] jackson-databind security update | URL:https://lists.debian.org/debian-lts-announce/2019/05/msg00030.html | MLIST:[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities | URL:https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E | MLIST:[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities | URL:https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E | MLIST:[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities | URL:https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E | MLIST:[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1 | URL:https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E | MLIST:[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E | MLIST:[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E | MLIST:[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E | MLIST:[spark-reviews] 20190520 [GitHub] [spark] Fokko opened a new pull request #24646: Spark 27757 | URL:https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E | REDHAT:RHSA-2019:2858 | URL:https://access.redhat.com/errata/RHSA-2019:2858 | REDHAT:RHSA-2019:2935 | URL:https://access.redhat.com/errata/RHSA-2019:2935 | REDHAT:RHSA-2019:2936 | URL:https://access.redhat.com/errata/RHSA-2019:2936 | REDHAT:RHSA-2019:2937 | URL:https://access.redhat.com/errata/RHSA-2019:2937 | REDHAT:RHSA-2019:2938 | URL:https://access.redhat.com/errata/RHSA-2019:2938 | REDHAT:RHSA-2019:2998 | URL:https://access.redhat.com/errata/RHSA-2019:2998 | REDHAT:RHSA-2019:3044 | URL:https://access.redhat.com/errata/RHSA-2019:3044 | REDHAT:RHSA-2019:3045 | URL:https://access.redhat.com/errata/RHSA-2019:3045 | REDHAT:RHSA-2019:3046 | URL:https://access.redhat.com/errata/RHSA-2019:3046 | REDHAT:RHSA-2019:3050 | URL:https://access.redhat.com/errata/RHSA-2019:3050 | REDHAT:RHSA-2019:3149 | URL:https://access.redhat.com/errata/RHSA-2019:3149 | REDHAT:RHSA-2019:3200 | URL:https://access.redhat.com/errata/RHSA-2019:3200";Assigned (20190513);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-12301;Candidate;"The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2.";"MISC:https://jira.percona.com/browse/PS-5640 | MISC:https://www.percona.com/blog/2019/05/17/percona-server-for-mysql-5-6-44-85-0-is-now-available/";Assigned (20190523);"None (candidate not yet proposed)";""
+5.4.0;5;4;0;CVE-2019-15635;Candidate;"An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g.; MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the ""Save and test"" button within a data source's settings menu. When watching the transaction with Burp Proxy; the password for the data source is revealed and sent to the server. From a browser; a prompt to save the credentials is generated; and the password can be revealed by simply checking the ""Show password"" box.";"CONFIRM:https://security.netapp.com/advisory/ntap-20191009-0002/ | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/167244";Assigned (20190826);"None (candidate not yet proposed)";""
+65.0.0;65;0;0;CVE-2019-16065;Candidate;"A remote SQL injection web vulnerability was discovered in the Enigma NMS 65.0.0 and prior web application that allows an attacker to execute SQL commands to expose and compromise the web server; expose database tables and values; and potentially execute system-based commands as the mysql user. This affects the search_pattern value of the manage_hosts_short.cgi script.";"MISC:https://www.mogozobo.com/?p=3647";Assigned (20190906);"None (candidate not yet proposed)";""
+10.2.3;10;2;3;CVE-2019-16383;Candidate;"MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4; 2019 before 11.0.2; and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database; or may be able to alter the database via the REST API; aka SQL Injection.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm | MISC:http://packetstormsecurity.com/files/157208/MOVEit-Transfer-11.1.1-SQL-Injection.html";Assigned (20190917);"None (candidate not yet proposed)";""
+11.0.1;11;0;1;CVE-2019-16383;Candidate;"MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4; 2019 before 11.0.2; and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database; or may be able to alter the database via the REST API; aka SQL Injection.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm | MISC:http://packetstormsecurity.com/files/157208/MOVEit-Transfer-11.1.1-SQL-Injection.html";Assigned (20190917);"None (candidate not yet proposed)";""
+11.1.0;11;1;0;CVE-2019-16383;Candidate;"MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4; 2019 before 11.0.2; and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database; or may be able to alter the database via the REST API; aka SQL Injection.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm | MISC:http://packetstormsecurity.com/files/157208/MOVEit-Transfer-11.1.1-SQL-Injection.html";Assigned (20190917);"None (candidate not yet proposed)";""
+10.2.5;10;2;5;CVE-2019-18464;Candidate;"In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3); 11.0 before 11.0.4 (2019.0.4); and 11.1 before 11.1.3 (2019.1.3); multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database or may be able to alter the database.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability-2 | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm";Assigned (20191025);"None (candidate not yet proposed)";""
+11.0.3;11;0;3;CVE-2019-18464;Candidate;"In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3); 11.0 before 11.0.4 (2019.0.4); and 11.1 before 11.1.3 (2019.1.3); multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database or may be able to alter the database.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability-2 | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm";Assigned (20191025);"None (candidate not yet proposed)";""
+19.0.3;19;0;3;CVE-2019-18464;Candidate;"In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3); 11.0 before 11.0.4 (2019.0.4); and 11.1 before 11.1.3 (2019.1.3); multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database or may be able to alter the database.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability-2 | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm";Assigned (20191025);"None (candidate not yet proposed)";""
+11.1.2;11;1;2;CVE-2019-18464;Candidate;"In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3); 11.0 before 11.0.4 (2019.0.4); and 11.1 before 11.1.3 (2019.1.3); multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database or may be able to alter the database.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability-2 | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm";Assigned (20191025);"None (candidate not yet proposed)";""
+19.1.2;19;1;2;CVE-2019-18464;Candidate;"In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3); 11.0 before 11.0.4 (2019.0.4); and 11.1 before 11.1.3 (2019.1.3); multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database or may be able to alter the database.";"CONFIRM:https://community.ipswitch.com/s/article/SQL-Injection-Vulnerability-2 | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2018SP2/ReleaseNotes/en/index.htm#46490.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm";Assigned (20191025);"None (candidate not yet proposed)";""
+10.2.31;10;2;31;CVE-2019-18901;Candidate;"A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12; SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1.";"CONFIRM:https://bugzilla.suse.com/show_bug.cgi?id=1160895 | URL:https://bugzilla.suse.com/show_bug.cgi?id=1160895 | SUSE:openSUSE-SU-2020:0289 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html";Assigned (20191112);"None (candidate not yet proposed)";""
+3.25.1;3;25;1;CVE-2019-18901;Candidate;"A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12; SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1.";"CONFIRM:https://bugzilla.suse.com/show_bug.cgi?id=1160895 | URL:https://bugzilla.suse.com/show_bug.cgi?id=1160895 | SUSE:openSUSE-SU-2020:0289 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html";Assigned (20191112);"None (candidate not yet proposed)";""
+3.26.1;3;26;1;CVE-2019-18901;Candidate;"A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12; SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1.";"CONFIRM:https://bugzilla.suse.com/show_bug.cgi?id=1160895 | URL:https://bugzilla.suse.com/show_bug.cgi?id=1160895 | SUSE:openSUSE-SU-2020:0289 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html";Assigned (20191112);"None (candidate not yet proposed)";""
+2.0.27;2;0;27;CVE-2019-20917;Candidate;"An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules; this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.";"DEBIAN:DSA-4764 | URL:https://www.debian.org/security/2020/dsa-4764 | MISC:https://docs.inspircd.org/security/2019-02/ | MISC:https://github.com/inspircd/inspircd/commit/2cc35d8625b7ea5cbd1d1ebb116aff86c5280162 | MISC:https://github.com/inspircd/inspircd/commit/8745660fcdac7c1b80c94cfc0ff60928cd4dd4b7 | MLIST:[debian-lts-announce] 20200920 [SECURITY] [DLA 2375-1] inspircd security update | URL:https://lists.debian.org/debian-lts-announce/2020/09/msg00015.html";Assigned (20200911);"None (candidate not yet proposed)";""
+3.3.-1;3;3;-1;CVE-2019-20917;Candidate;"An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules; this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.";"DEBIAN:DSA-4764 | URL:https://www.debian.org/security/2020/dsa-4764 | MISC:https://docs.inspircd.org/security/2019-02/ | MISC:https://github.com/inspircd/inspircd/commit/2cc35d8625b7ea5cbd1d1ebb116aff86c5280162 | MISC:https://github.com/inspircd/inspircd/commit/8745660fcdac7c1b80c94cfc0ff60928cd4dd4b7 | MLIST:[debian-lts-announce] 20200920 [SECURITY] [DLA 2375-1] inspircd security update | URL:https://lists.debian.org/debian-lts-announce/2020/09/msg00015.html";Assigned (20200911);"None (candidate not yet proposed)";""
+3.0.4;3;0;4;CVE-2019-20917;Candidate;"An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules; this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.";"DEBIAN:DSA-4764 | URL:https://www.debian.org/security/2020/dsa-4764 | MISC:https://docs.inspircd.org/security/2019-02/ | MISC:https://github.com/inspircd/inspircd/commit/2cc35d8625b7ea5cbd1d1ebb116aff86c5280162 | MISC:https://github.com/inspircd/inspircd/commit/8745660fcdac7c1b80c94cfc0ff60928cd4dd4b7 | MLIST:[debian-lts-announce] 20200920 [SECURITY] [DLA 2375-1] inspircd security update | URL:https://lists.debian.org/debian-lts-announce/2020/09/msg00015.html";Assigned (20200911);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2420;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2420;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2434;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2434;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2436;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BID:106625 | URL:http://www.securityfocus.com/bid/106625 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2455;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106628 | URL:http://www.securityfocus.com/bid/106628 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2455;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106628 | URL:http://www.securityfocus.com/bid/106628 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2455;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106628 | URL:http://www.securityfocus.com/bid/106628 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2481;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2481;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2481;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2482;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2482;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2482;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2486;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2486;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2494;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106625 | URL:http://www.securityfocus.com/bid/106625 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2495;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106625 | URL:http://www.securityfocus.com/bid/106625 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2502;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106625 | URL:http://www.securityfocus.com/bid/106625 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2503;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).";"BID:106626 | URL:http://www.securityfocus.com/bid/106626 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2503;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).";"BID:106626 | URL:http://www.securityfocus.com/bid/106626 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2503;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).";"BID:106626 | URL:http://www.securityfocus.com/bid/106626 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2507;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2507;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2507;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2510;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2510;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2513;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N).";"BID:106622 | URL:http://www.securityfocus.com/bid/106622 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2528;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2528;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2529;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2529;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2529;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2530;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106625 | URL:http://www.securityfocus.com/bid/106625 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2531;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2531;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2531;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2532;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2532;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106627 | URL:http://www.securityfocus.com/bid/106627 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2533;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2534;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2534;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2534;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2535;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106622 | URL:http://www.securityfocus.com/bid/106622 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2536;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:N/A:H).";"BID:106622 | URL:http://www.securityfocus.com/bid/106622 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.42;5;6;42;CVE-2019-2537;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.24;5;7;24;CVE-2019-2537;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2537;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior; 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106619 | URL:http://www.securityfocus.com/bid/106619 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | GENTOO:GLSA-201908-24 | URL:https://security.gentoo.org/glsa/201908-24 | MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update | URL:https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html | REDHAT:RHSA-2019:1258 | URL:https://access.redhat.com/errata/RHSA-2019:1258 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | UBUNTU:USN-3867-1 | URL:https://usn.ubuntu.com/3867-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.13;8;0;13;CVE-2019-2539;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BID:106625 | URL:http://www.securityfocus.com/bid/106625 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | CONFIRM:https://security.netapp.com/advisory/ntap-20190118-0002/ | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2566;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2566;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2580;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2581;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2581;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2584;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K58502649 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2585;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K54470776 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2587;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K54470776 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2589;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K54470776 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2592;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K54470776 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2592;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K54470776 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2593;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K54470776 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2596;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K52514501 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2606;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K52514501 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2607;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K52514501 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.43;5;6;43;CVE-2019-2614;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K52514501 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-3957-2 | URL:https://usn.ubuntu.com/3957-2/ | UBUNTU:USN-3957-3 | URL:https://usn.ubuntu.com/3957-3/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2614;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K52514501 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-3957-2 | URL:https://usn.ubuntu.com/3957-2/ | UBUNTU:USN-3957-3 | URL:https://usn.ubuntu.com/3957-3/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2614;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K52514501 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-3957-2 | URL:https://usn.ubuntu.com/3957-2/ | UBUNTU:USN-3957-3 | URL:https://usn.ubuntu.com/3957-3/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2617;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K52514501 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2620;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K43540241 | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2623;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K43540241 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2624;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K43540241 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2625;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K43540241 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2626;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K43540241 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.43;5;6;43;CVE-2019-2627;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-3957-2 | URL:https://usn.ubuntu.com/3957-2/ | UBUNTU:USN-3957-3 | URL:https://usn.ubuntu.com/3957-3/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2627;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-3957-2 | URL:https://usn.ubuntu.com/3957-2/ | UBUNTU:USN-3957-3 | URL:https://usn.ubuntu.com/3957-3/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2627;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2327 | URL:https://access.redhat.com/errata/RHSA-2019:2327 | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-3957-2 | URL:https://usn.ubuntu.com/3957-2/ | UBUNTU:USN-3957-3 | URL:https://usn.ubuntu.com/3957-3/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2628;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2628;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:1913 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html | SUSE:openSUSE-SU-2019:1915 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2630;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2631;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Information Schema). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2632;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2632;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K32798641 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2634;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K42793451 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2635;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K42793451 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2636;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Group Replication Plugin). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via MySQL Procotol to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K42793451 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2644;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K42793451 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2681;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K42793451 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.43;5;6;43;CVE-2019-2683;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K28312671 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2683;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K28312671 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2683;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.6.43 and prior; 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K28312671 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-3957-1 | URL:https://usn.ubuntu.com/3957-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2685;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K28312671 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2686;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K28312671 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2687;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K28312671 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2688;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K28312671 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2689;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04246541 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2691;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04246541 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2693;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04246541 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2694;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04246541 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2695;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04246541 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2730;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.18;5;7;18;CVE-2019-2730;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.23;5;7;23;CVE-2019-2731;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).";"CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2737;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2737;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2737;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2738;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2738;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2738;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2739;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2739;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2739;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K51272092 | CONFIRM:https://support.f5.com/csp/article/K51272092?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2740;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2740;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2740;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2741;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Log). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2741;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Log). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2019-2743;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.12 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2019-2746;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Data Dictionary). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.12;8;0;12;CVE-2019-2747;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K03444640 | CONFIRM:https://support.f5.com/csp/article/K03444640?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2752;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.25;5;7;25;CVE-2019-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2757;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2757;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2774;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2774;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K14118520 | CONFIRM:https://support.f5.com/csp/article/K14118520?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2778;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).";"CONFIRM:https://support.f5.com/csp/article/K19194273 | CONFIRM:https://support.f5.com/csp/article/K19194273?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2778;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).";"CONFIRM:https://support.f5.com/csp/article/K19194273 | CONFIRM:https://support.f5.com/csp/article/K19194273?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2780;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Components / Services). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K19194273 | CONFIRM:https://support.f5.com/csp/article/K19194273?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2784;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K19194273 | CONFIRM:https://support.f5.com/csp/article/K19194273?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2785;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K19194273 | CONFIRM:https://support.f5.com/csp/article/K19194273?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2789;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://support.f5.com/csp/article/K19194273 | CONFIRM:https://support.f5.com/csp/article/K19194273?utm_source=f5support&utm_medium=RSS | FEDORA:FEDORA-2019-96516ce0ac | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/ | FEDORA:FEDORA-2019-c106e46a95 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2791;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:https://support.f5.com/csp/article/K23125024 | CONFIRM:https://support.f5.com/csp/article/K23125024?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2791;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:https://support.f5.com/csp/article/K23125024 | CONFIRM:https://support.f5.com/csp/article/K23125024?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2795;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K23125024 | CONFIRM:https://support.f5.com/csp/article/K23125024?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2796;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K23125024 | CONFIRM:https://support.f5.com/csp/article/K23125024?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2797;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K23125024 | CONFIRM:https://support.f5.com/csp/article/K23125024?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2797;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K23125024 | CONFIRM:https://support.f5.com/csp/article/K23125024?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.15;8;0;15;CVE-2019-2798;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K23125024 | CONFIRM:https://support.f5.com/csp/article/K23125024?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2800;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04831884 | CONFIRM:https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2801;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04831884 | CONFIRM:https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2802;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04831884 | CONFIRM:https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2803;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K04831884 | CONFIRM:https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2805;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K04831884 | CONFIRM:https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2805;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K04831884 | CONFIRM:https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2805;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"BUGTRAQ:20190802 [slackware-security] mariadb (SSA:2019-213-01) | URL:https://seclists.org/bugtraq/2019/Aug/1 | CONFIRM:https://support.f5.com/csp/article/K04831884 | CONFIRM:https://support.f5.com/csp/article/K04831884?utm_source=f5support&utm_medium=RSS | MISC:http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | REDHAT:RHSA-2019:3708 | URL:https://access.redhat.com/errata/RHSA-2019:3708 | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/ | UBUNTU:USN-4070-2 | URL:https://usn.ubuntu.com/4070-2/ | UBUNTU:USN-4070-3 | URL:https://usn.ubuntu.com/4070-3/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2808;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K10754336 | CONFIRM:https://support.f5.com/csp/article/K10754336?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2810;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K10754336 | CONFIRM:https://support.f5.com/csp/article/K10754336?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2811;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K10754336 | CONFIRM:https://support.f5.com/csp/article/K10754336?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2812;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K10754336 | CONFIRM:https://support.f5.com/csp/article/K10754336?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2814;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.2 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://support.f5.com/csp/article/K10754336 | CONFIRM:https://support.f5.com/csp/article/K10754336?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2815;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K02585438 | CONFIRM:https://support.f5.com/csp/article/K02585438?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://support.f5.com/csp/article/K02585438 | CONFIRM:https://support.f5.com/csp/article/K02585438?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://support.f5.com/csp/article/K02585438 | CONFIRM:https://support.f5.com/csp/article/K02585438?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://support.f5.com/csp/article/K02585438 | CONFIRM:https://support.f5.com/csp/article/K02585438?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511 | UBUNTU:USN-4070-1 | URL:https://usn.ubuntu.com/4070-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2822;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Admin / InnoDB Cluster). Supported versions that are affected are 8.0.16 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.5 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).";"CONFIRM:https://support.f5.com/csp/article/K02585438 | CONFIRM:https://support.f5.com/csp/article/K02585438?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2826;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K02585438 | CONFIRM:https://support.f5.com/csp/article/K02585438?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2830;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K84141449 | CONFIRM:https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2834;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://support.f5.com/csp/article/K84141449 | CONFIRM:https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS | MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2879;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MISC:http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | REDHAT:RHSA-2019:2484 | URL:https://access.redhat.com/errata/RHSA-2019:2484 | REDHAT:RHSA-2019:2511 | URL:https://access.redhat.com/errata/RHSA-2019:2511";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.45;5;6;45;CVE-2019-2910;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2910;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.45;5;6;45;CVE-2019-2911;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior; 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2911;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior; 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2911;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior; 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2914;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2914;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.45;5;6;45;CVE-2019-2922;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2922;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.45;5;6;45;CVE-2019-2923;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2923;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.45;5;6;45;CVE-2019-2924;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2924;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2938;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/ | UBUNTU:USN-4195-2 | URL:https://usn.ubuntu.com/4195-2/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2938;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/ | UBUNTU:USN-4195-2 | URL:https://usn.ubuntu.com/4195-2/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2946;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2946;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2948;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2948;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2950;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2957;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2960;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2960;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2963;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2966;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2967;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2968;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.44;5;6;44;CVE-2019-2969;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.26;5;7;26;CVE-2019-2969;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-2969;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior; 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.6.45;5;6;45;CVE-2019-2974;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior; 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/ | UBUNTU:USN-4195-2 | URL:https://usn.ubuntu.com/4195-2/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2974;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior; 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/ | UBUNTU:USN-4195-2 | URL:https://usn.ubuntu.com/4195-2/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2974;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior; 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | SUSE:openSUSE-SU-2019:2698 | URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/ | UBUNTU:USN-4195-2 | URL:https://usn.ubuntu.com/4195-2/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2982;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+5.7.27;5;7;27;CVE-2019-2993;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2993;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2997;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-2998;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.16;8;0;16;CVE-2019-3003;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-3004;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-3009;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection). Supported versions that are affected are 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-3011;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2019-3018;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20191017-0002/ | FEDORA:FEDORA-2019-48a0a07033 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/ | FEDORA:FEDORA-2019-c1fab3f139 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/ | FEDORA:FEDORA-2019-d40df38271 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/ | MISC:http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | UBUNTU:USN-4195-1 | URL:https://usn.ubuntu.com/4195-1/";Assigned (20181214);"None (candidate not yet proposed)";""
+3.1.7;3;1;7;CVE-2020-13249;Candidate;"libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL; this issue does not affect any MySQL components supported by Oracle.";"FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | MISC:https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945 | MISC:https://github.com/mariadb-corporation/mariadb-connector-c/compare/v3.1.7...v3.1.8 | SUSE:openSUSE-SU-2020:0738 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00064.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html";Assigned (20200520);"None (candidate not yet proposed)";""
+3.1.6;3;1;6;CVE-2020-13249;Candidate;"libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL; this issue does not affect any MySQL components supported by Oracle.";"FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | MISC:https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945 | MISC:https://github.com/mariadb-corporation/mariadb-connector-c/compare/v3.1.7...v3.1.8 | SUSE:openSUSE-SU-2020:0738 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00064.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html";Assigned (20200520);"None (candidate not yet proposed)";""
+4.17.6;4;17;6;CVE-2020-14027;Candidate;"An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments; such as ENABLE_LOCAL_INFILE; that can be leveraged by attackers to enable MySQL Load Data Local (rogue MySQL server) attacks.";"MISC:http://www.ozeki.hu/index.php?owpn=231 | MISC:https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14027-MySQL%20LOAD%20DATA%20LOCAL%20INFILE%20Attack-Ozeki%20SMS%20Gateway";Assigned (20200611);"None (candidate not yet proposed)";""
+5.6.48;5;6;48;CVE-2020-14539;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior; 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2020-14539;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior; 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14539;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior; 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2020-14540;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14540;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2020-14547;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14547;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2020-14553;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14553;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.6.48;5;6;48;CVE-2020-14559;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.6.48 and prior; 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2020-14559;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.6.48 and prior; 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14559;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.6.48 and prior; 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2020-14567;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-14567;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14568;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14575;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2020-14576;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14576;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14586;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14591;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14597;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14614;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14619;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | FEDORA:FEDORA-2020-77b95c868f | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/ | FEDORA:FEDORA-2020-9c27be9396 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/ | FEDORA:FEDORA-2020-d5b2e71a17 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14620;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14623;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14624;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14631;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14632;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14633;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14634;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14641;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14643;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14651;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14654;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14656;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14663;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+5.6.49;5;6;49;CVE-2020-14672;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14672;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14672;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14678;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14680;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14697;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14702;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200717-0004/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html | UBUNTU:USN-4441-1 | URL:https://usn.ubuntu.com/4441-1/";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14725;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200731-0006/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujul2020.html | URL:https://www.oracle.com/security-alerts/cpujul2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14760;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.6.49;5;6;49;CVE-2020-14765;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2538-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/01/msg00027.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14765;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2538-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/01/msg00027.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14765;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2538-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/01/msg00027.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.6.49;5;6;49;CVE-2020-14769;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14769;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14769;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14771;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14771;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14773;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14775;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14775;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14776;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14776;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14777;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14785;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14786;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14789;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14789;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14790;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14790;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14791;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.6.49;5;6;49;CVE-2020-14793;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14793;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14793;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14794;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-4f9ee82bc5 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZU3PA5XJXNQ4C4F6435ARM6WKM3OZYR/ | FEDORA:FEDORA-2020-53df1c05be | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVS6KNVBZCLZBKNJ5JA2PGAG3NTOJVH6/ | FEDORA:FEDORA-2020-eee64a579c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7RVY2Z7HYQHFJXBGARXUAGKUDAWYPP4/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-14799;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14800;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14804;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14809;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.6.49;5;6;49;CVE-2020-14812;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2538-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/01/msg00027.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14812;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2538-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/01/msg00027.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14812;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | FEDORA:FEDORA-2020-561eed63ef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPW5YMZR5C7D7NBZQSTDOB3XAI5QP32Y/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | FEDORA:FEDORA-2020-b995eb2973 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBZZ3XIRPFPAWBZLYBN777ANXSFXAPPB/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html | MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2538-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/01/msg00027.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14814;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14821;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14827;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14827;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14828;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14829;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14830;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14836;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14837;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14838;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14839;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14844;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14845;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14846;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14848;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14852;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14860;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14861;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14866;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.6.49;5;6;49;CVE-2020-14867;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14867;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14867;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior; 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14868;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+5.7.31;5;7;31;CVE-2020-14869;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14869;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14870;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14873;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14878;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 8.0 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14888;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14891;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2020-14893;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20201023-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuoct2020.html | URL:https://www.oracle.com/security-alerts/cpuoct2020.html";Assigned (20200619);"None (candidate not yet proposed)";""
+4.30.-1;4;30;-1;CVE-2020-15051;Candidate;"An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name; Your Email Address; Group Name; MYSQL Server; Database; MYSQL Username; Group Name; and Task Description fields.";"MISC:http://artica-proxy.com/telechargements/ | MISC:https://github.com/pratikshad19/CVE-2020-15051";Assigned (20200625);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2572;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plugin). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2572;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plugin). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2577;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2577;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.6.46;5;6;46;CVE-2020-2579;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior; 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2579;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior; 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2579;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior; 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2020-2580;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2584;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2584;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2588;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2589;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2020-2589;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2627;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+1.58.1;1;58;1;CVE-2020-26277;Candidate;"DBdeployer is a tool that deploys MySQL database servers easily. In DBdeployer before version 1.58.2; users unpacking a tarball may use a maliciously packaged tarball that contains symlinks to files external to the target. In such scenario; an attacker could induce dbdeployer to write into a system file; thus altering the computer defenses. For the attack to succeed; the following factors need to contribute: 1) The user is logged in as root. While dbdeployer is usable as root; it was designed to run as unprivileged user. 2) The user has taken a tarball from a non secure source; without testing the checksum. When the tarball is retrieved through dbdeployer; the checksum is compared before attempting to unpack. This has been fixed in version 1.58.2.";"CONFIRM:https://github.com/datacharmer/dbdeployer/security/advisories/GHSA-47wr-426j-fr82 | URL:https://github.com/datacharmer/dbdeployer/security/advisories/GHSA-47wr-426j-fr82 | MISC:https://github.com/datacharmer/dbdeployer/commit/548e256c1de2f99746e861454e7714ec6bc9bb10 | URL:https://github.com/datacharmer/dbdeployer/commit/548e256c1de2f99746e861454e7714ec6bc9bb10";Assigned (20201001);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2020-26542;Candidate;"An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory; Percona has discovered a flaw that would allow authentication to complete when passing a blank value for the account password; leading to access against the service integrated with which Active Directory is deployed at the level granted to the authenticating account.";"CONFIRM:https://www.percona.com/blog/2020/10/13/percona-distribution-for-mysql-pxc-variant-8-0-20-fixes-for-security-vulnerability-release-roundup-october-13-2020/ | CONFIRM:https://www.percona.com/doc/percona-distribution-mysql/8.0/release-notes-pxc-v8.0.20.upd2.html | MISC:https://jira.percona.com/browse/PS-7358 | MISC:https://jira.percona.com/browse/PSMDB-726";Assigned (20201002);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2660;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2660;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2679;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2686;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2694;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.18 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200122-0002/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2020.html | UBUNTU:USN-4250-1 | URL:https://usn.ubuntu.com/4250-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2759;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2020-2760;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2760;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2761;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2762;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.6.47;5;6;47;CVE-2020-2763;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2020-2763;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2763;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2020-2765;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2765;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2770;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2774;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2779;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+5.6.47;5;6;47;CVE-2020-2780;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2020-2780;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2780;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2790;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.28 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+5.6.47;5;6;47;CVE-2020-2804;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2020-2804;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2804;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2806;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Supported versions that are affected are 5.7.28 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+5.6.47;5;6;47;CVE-2020-2812;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2020-2812;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2812;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior; 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+5.6.47;5;6;47;CVE-2020-2814;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior; 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html";Assigned (20191210);"None (candidate not yet proposed)";""
+5.7.28;5;7;28;CVE-2020-2814;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior; 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2814;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior; 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | FEDORA:FEDORA-2020-35f52d9370 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ | FEDORA:FEDORA-2020-ac2d47d89a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ | GENTOO:GLSA-202012-08 | URL:https://security.gentoo.org/glsa/202012-08 | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | SUSE:openSUSE-SU-2020:0870 | URL:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.18;8;0;18;CVE-2020-2853;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2892;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2893;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2895;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2896;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2897;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2898;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). The supported version that is affected is 8.0.19. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2901;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2903;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2904;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2921;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2923;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2924;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2925;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2926;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2928;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2020-2930;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20200416-0003/ | FEDORA:FEDORA-2020-136dc82437 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ | FEDORA:FEDORA-2020-20ac7c92a1 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ | FEDORA:FEDORA-2020-261c9ddd7c | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpuapr2020.html | UBUNTU:USN-4350-1 | URL:https://usn.ubuntu.com/4350-1/";Assigned (20191210);"None (candidate not yet proposed)";""
+1.4.0;1;4;0;CVE-2020-5426;Candidate;"Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. This also depended on the configuration of the MySQL server which is used to cache a UAA client token used by the service. If intercepted the token can give an attacker admin level access in the cloud controller.";"CONFIRM:https://tanzu.vmware.com/security/cve-2020-5426 | URL:https://tanzu.vmware.com/security/cve-2020-5426";Assigned (20200103);"None (candidate not yet proposed)";""
+0.7.24;0;7;24;CVE-2020-5777;Candidate;"MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting max_connections (default 151) is lower than Apache (or another web server) setting MaxRequestWorkers (formerly MaxClients) (default 256). This can be done by sending at least 151 simultaneous requests to the Magento website to trigger a ""Too many connections"" error; then use default magmi:magmi basic authentication to remotely bypass authentication.";"MISC:https://www.tenable.com/security/research/tra-2020-51 | URL:https://www.tenable.com/security/research/tra-2020-51";Assigned (20200106);"None (candidate not yet proposed)";""
+10.4.7;10;4;7;CVE-2020-7221;Candidate;"mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely; as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does not affect the Oracle MySQL product; which implements mysql_install_db differently.";"CONFIRM:https://github.com/MariaDB/server/commit/9d18b6246755472c8324bf3e20e234e08ac45618 | MISC:https://bugzilla.suse.com/show_bug.cgi?id=1160868 | MISC:https://seclists.org/oss-sec/2020/q1/55";Assigned (20200117);"None (candidate not yet proposed)";""
+10.4.11;10;4;11;CVE-2020-7221;Candidate;"mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely; as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does not affect the Oracle MySQL product; which implements mysql_install_db differently.";"CONFIRM:https://github.com/MariaDB/server/commit/9d18b6246755472c8324bf3e20e234e08ac45618 | MISC:https://bugzilla.suse.com/show_bug.cgi?id=1160868 | MISC:https://seclists.org/oss-sec/2020/q1/55";Assigned (20200117);"None (candidate not yet proposed)";""
+2.2.0;2;2;0;CVE-2020-7920;Candidate;"pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service.";"MISC:https://jira.percona.com/browse/PMM-5232 | MISC:https://jira.percona.com/browse/PMM-5233 | MISC:https://www.percona.com/blog/2020/02/03/improvements-in-pmm-bug-fixes-in-percona-server-percona-backup-for-mongodb-alert-release-roundup-2-3-2020/ | MISC:https://www.percona.com/doc/percona-monitoring-and-management/2.x/release-notes/2.2.1.html";Assigned (20200123);"None (candidate not yet proposed)";""
+19.1.3;19;1;3;CVE-2020-8611;Candidate;"In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1; multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database via the REST API. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements.";"CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_2/ReleaseNotes/en/index.htm#49677.htm | CONFIRM:https://status.moveitcloud.com/ | MISC:https://community.ipswitch.com/s/article/MOVEit-Transfer-Security-Vulnerabilities-Feb-2020";Assigned (20200204);"None (candidate not yet proposed)";""
+19.2.0;19;2;0;CVE-2020-8611;Candidate;"In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1; multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database via the REST API. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements.";"CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_1/ReleaseNotes/en/index.htm#49443.htm | CONFIRM:https://docs.ipswitch.com/MOVEit/Transfer2019_2/ReleaseNotes/en/index.htm#49677.htm | CONFIRM:https://status.moveitcloud.com/ | MISC:https://community.ipswitch.com/s/article/MOVEit-Transfer-Security-Vulnerabilities-Feb-2020";Assigned (20200204);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2021-1998;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.6.50;5;6;50;CVE-2021-2001;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior; 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2021-2001;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior; 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2021-2001;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior; 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2002;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2021-2009;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2021-2012;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.32;5;7;32;CVE-2021-2014;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 5.7.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2021-2016;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2021-2019;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.20;8;0;20;CVE-2021-2020;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2021;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.6.50;5;6;50;CVE-2021-2022;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior; 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.32;5;7;32;CVE-2021-2022;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior; 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2022;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior; 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | FEDORA:FEDORA-2021-b1d1655cef | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K/ | FEDORA:FEDORA-2021-db50ab62d3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2024;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2021-2028;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2021-2030;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2031;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.32;5;7;32;CVE-2021-2032;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2032;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2036;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2038;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2021-2042;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2046;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2048;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.21;8;0;21;CVE-2021-2055;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2056;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2058;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.6.50;5;6;50;CVE-2021-2060;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior; 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.32;5;7;32;CVE-2021-2060;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior; 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2060;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior; 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2061;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2065;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2070;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2072;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2076;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2081;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2087;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2088;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2122;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210219-0003/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | MISC:https://www.oracle.com/security-alerts/cpujan2021.html | URL:https://www.oracle.com/security-alerts/cpujan2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.29;5;7;29;CVE-2021-2144;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.19;8;0;19;CVE-2021-2144;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2146;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2146;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2154;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-179f2fbb88 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEF5CRATUGQZUSQU63MHQIDZPOLHW2VE/ | FEDORA:FEDORA-2021-27187ac9dd | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GAU7KW36A6TQGKG3RUITYSVUFIHBY3OT/ | FEDORA:FEDORA-2021-68db93b130 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPA3CTGXPVWKHMCQDVURK4ETH7GE34KK/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.30;5;7;30;CVE-2021-2160;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.17;8;0;17;CVE-2021-2160;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2162;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2162;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2164;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2166;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-179f2fbb88 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEF5CRATUGQZUSQU63MHQIDZPOLHW2VE/ | FEDORA:FEDORA-2021-27187ac9dd | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GAU7KW36A6TQGKG3RUITYSVUFIHBY3OT/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-68db93b130 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPA3CTGXPVWKHMCQDVURK4ETH7GE34KK/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2166;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-179f2fbb88 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEF5CRATUGQZUSQU63MHQIDZPOLHW2VE/ | FEDORA:FEDORA-2021-27187ac9dd | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GAU7KW36A6TQGKG3RUITYSVUFIHBY3OT/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-68db93b130 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPA3CTGXPVWKHMCQDVURK4ETH7GE34KK/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2169;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2169;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2170;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2171;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2171;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2172;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2174;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2174;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.32;5;7;32;CVE-2021-2178;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2178;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2179;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2179;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2180;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2180;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | GENTOO:GLSA-202105-27 | URL:https://security.gentoo.org/glsa/202105-27 | GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2193;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2194;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2194;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2196;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | FEDORA:FEDORA-2021-01189f6361 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKV7TRUEQW6EV45RSZVVFLVQMNHVHBCJ/ | FEDORA:FEDORA-2021-5b6c69a73a | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJVUTKKFQAWR7NURCQHQQ5JHTVYGEOYQ/ | FEDORA:FEDORA-2021-b8b7829a83 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJQRPXNDH6YHQLUSCS5VA7DAW32PN7N7/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2201;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.32;5;7;32;CVE-2021-2202;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2202;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2203;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2208;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2212;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.22;8;0;22;CVE-2021-2213;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2215;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2217;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2226;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2226;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2230;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2232;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 1.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2278;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2293;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2298;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2299;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2300;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2301;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2304;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2305;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+5.7.33;5;7;33;CVE-2021-2307;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2307;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+8.0.23;8;0;23;CVE-2021-2308;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:https://security.netapp.com/advisory/ntap-20210513-0002/ | MISC:https://www.oracle.com/security-alerts/cpuapr2021.html | URL:https://www.oracle.com/security-alerts/cpuapr2021.html";Assigned (20201209);"None (candidate not yet proposed)";""
+0.20.2;0;20;2;CVE-2021-26919;Candidate;"Apache Druid allows users to read data from other database systems using JDBC. This functionality is to allow trusted users with the proper permissions to set up lookups or submit ingestion tasks. The MySQL JDBC driver supports certain properties; which; if left unmitigated; can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Druid server processes. This issue was addressed in Apache Druid 0.20.2";"MISC:https://lists.apache.org/thread.html/rd87451fce34df54796e66321c40d743a68fb4553d72e7f6f0bc62ebd%40%3Cdev.druid.apache.org%3E | URL:https://lists.apache.org/thread.html/rd87451fce34df54796e66321c40d743a68fb4553d72e7f6f0bc62ebd%40%3Cdev.druid.apache.org%3E | MLIST:[druid-commits] 20210401 [GitHub] [druid] jihoonson merged pull request #11047: Allow list for JDBC connection properties to address CVE-2021-26919 | URL:https://lists.apache.org/thread.html/re0910cf4c784897774427fecd95912fb565a6bd06d924a55e70bbbfc@%3Ccommits.druid.apache.org%3E | MLIST:[druid-commits] 20210412 [GitHub] [druid] jihoonson merged pull request #11100: [Backport] Allow list for JDBC connection properties to address CVE-2021-26919 | URL:https://lists.apache.org/thread.html/r6bc68264170046448f823d12c17fd1fd875251d97d60869f58709872@%3Ccommits.druid.apache.org%3E | MLIST:[druid-commits] 20210412 [GitHub] [druid] jihoonson opened a new pull request #11100: [Backport] Allow list for JDBC connection properties to address CVE-2021-26919 | URL:https://lists.apache.org/thread.html/r7a531ec123570cb7875ff991cf115f99e9ef99a48b3cf3fa4f9d9864@%3Ccommits.druid.apache.org%3E | MLIST:[druid-dev] 20210331 Regarding the 0.21.0 release | URL:https://lists.apache.org/thread.html/r443e2916c612fbd119839c0fc0729327d6031913a75081adac5b43ad@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210401 Re: Subject: [CVE-2021-26919] Authenticated users can execute arbitrary code from malicious MySQL database systems | URL:https://lists.apache.org/thread.html/re4c5deb0aae4bace69844d15c9fd1699e907ebfee93bc3926474d110@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210405 Re: Regarding the CVSS score for CVE-2021-26919 | URL:https://lists.apache.org/thread.html/r470f8c92eb5df45f41b3ae609b6315b6c5ff51b3ceb2f09f00ca620f@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210405 Regarding the CVSS score for CVE-2021-26919 | URL:https://lists.apache.org/thread.html/ra85fa7d31f9bec1148ffd2e4030934927caa8bff89bca9f61f75e697@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210414 Re: Regarding the CVSS score for CVE-2021-26919 | URL:https://lists.apache.org/thread.html/rf3ea2a4018e87e6c45d36cf8479af7727dcc276edabd2f7cf59e0c5f@%3Cdev.druid.apache.org%3E";Assigned (20210209);"None (candidate not yet proposed)";""
+0.21.0;0;21;0;CVE-2021-26919;Candidate;"Apache Druid allows users to read data from other database systems using JDBC. This functionality is to allow trusted users with the proper permissions to set up lookups or submit ingestion tasks. The MySQL JDBC driver supports certain properties; which; if left unmitigated; can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Druid server processes. This issue was addressed in Apache Druid 0.20.2";"MISC:https://lists.apache.org/thread.html/rd87451fce34df54796e66321c40d743a68fb4553d72e7f6f0bc62ebd%40%3Cdev.druid.apache.org%3E | URL:https://lists.apache.org/thread.html/rd87451fce34df54796e66321c40d743a68fb4553d72e7f6f0bc62ebd%40%3Cdev.druid.apache.org%3E | MLIST:[druid-commits] 20210401 [GitHub] [druid] jihoonson merged pull request #11047: Allow list for JDBC connection properties to address CVE-2021-26919 | URL:https://lists.apache.org/thread.html/re0910cf4c784897774427fecd95912fb565a6bd06d924a55e70bbbfc@%3Ccommits.druid.apache.org%3E | MLIST:[druid-commits] 20210412 [GitHub] [druid] jihoonson merged pull request #11100: [Backport] Allow list for JDBC connection properties to address CVE-2021-26919 | URL:https://lists.apache.org/thread.html/r6bc68264170046448f823d12c17fd1fd875251d97d60869f58709872@%3Ccommits.druid.apache.org%3E | MLIST:[druid-commits] 20210412 [GitHub] [druid] jihoonson opened a new pull request #11100: [Backport] Allow list for JDBC connection properties to address CVE-2021-26919 | URL:https://lists.apache.org/thread.html/r7a531ec123570cb7875ff991cf115f99e9ef99a48b3cf3fa4f9d9864@%3Ccommits.druid.apache.org%3E | MLIST:[druid-dev] 20210331 Regarding the 0.21.0 release | URL:https://lists.apache.org/thread.html/r443e2916c612fbd119839c0fc0729327d6031913a75081adac5b43ad@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210401 Re: Subject: [CVE-2021-26919] Authenticated users can execute arbitrary code from malicious MySQL database systems | URL:https://lists.apache.org/thread.html/re4c5deb0aae4bace69844d15c9fd1699e907ebfee93bc3926474d110@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210405 Re: Regarding the CVSS score for CVE-2021-26919 | URL:https://lists.apache.org/thread.html/r470f8c92eb5df45f41b3ae609b6315b6c5ff51b3ceb2f09f00ca620f@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210405 Regarding the CVSS score for CVE-2021-26919 | URL:https://lists.apache.org/thread.html/ra85fa7d31f9bec1148ffd2e4030934927caa8bff89bca9f61f75e697@%3Cdev.druid.apache.org%3E | MLIST:[druid-dev] 20210414 Re: Regarding the CVSS score for CVE-2021-26919 | URL:https://lists.apache.org/thread.html/rf3ea2a4018e87e6c45d36cf8479af7727dcc276edabd2f7cf59e0c5f@%3Cdev.druid.apache.org%3E";Assigned (20210209);"None (candidate not yet proposed)";""
+10.2.36;10;2;36;CVE-2021-27928;Candidate;"A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37; 10.3 before 10.3.28; 10.4 before 10.4.18; and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection; in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.";"GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:http://packetstormsecurity.com/files/162177/MariaDB-10.2-Command-Execution.html | MISC:https://jira.mariadb.org/browse/MDEV-25179 | MISC:https://mariadb.com/kb/en/mariadb-10237-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10328-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10418-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-1059-release-notes/ | MISC:https://mariadb.com/kb/en/security/ | MLIST:[debian-lts-announce] 20210323 [SECURITY] [DLA 2605-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/03/msg00028.html";Assigned (20210303);"None (candidate not yet proposed)";""
+10.3.27;10;3;27;CVE-2021-27928;Candidate;"A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37; 10.3 before 10.3.28; 10.4 before 10.4.18; and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection; in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.";"GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:http://packetstormsecurity.com/files/162177/MariaDB-10.2-Command-Execution.html | MISC:https://jira.mariadb.org/browse/MDEV-25179 | MISC:https://mariadb.com/kb/en/mariadb-10237-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10328-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10418-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-1059-release-notes/ | MISC:https://mariadb.com/kb/en/security/ | MLIST:[debian-lts-announce] 20210323 [SECURITY] [DLA 2605-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/03/msg00028.html";Assigned (20210303);"None (candidate not yet proposed)";""
+10.4.17;10;4;17;CVE-2021-27928;Candidate;"A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37; 10.3 before 10.3.28; 10.4 before 10.4.18; and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection; in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.";"GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:http://packetstormsecurity.com/files/162177/MariaDB-10.2-Command-Execution.html | MISC:https://jira.mariadb.org/browse/MDEV-25179 | MISC:https://mariadb.com/kb/en/mariadb-10237-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10328-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10418-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-1059-release-notes/ | MISC:https://mariadb.com/kb/en/security/ | MLIST:[debian-lts-announce] 20210323 [SECURITY] [DLA 2605-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/03/msg00028.html";Assigned (20210303);"None (candidate not yet proposed)";""
+10.5.8;10;5;8;CVE-2021-27928;Candidate;"A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37; 10.3 before 10.3.28; 10.4 before 10.4.18; and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection; in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.";"GENTOO:GLSA-202105-28 | URL:https://security.gentoo.org/glsa/202105-28 | MISC:http://packetstormsecurity.com/files/162177/MariaDB-10.2-Command-Execution.html | MISC:https://jira.mariadb.org/browse/MDEV-25179 | MISC:https://mariadb.com/kb/en/mariadb-10237-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10328-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-10418-release-notes/ | MISC:https://mariadb.com/kb/en/mariadb-1059-release-notes/ | MISC:https://mariadb.com/kb/en/security/ | MLIST:[debian-lts-announce] 20210323 [SECURITY] [DLA 2605-1] mariadb-10.1 security update | URL:https://lists.debian.org/debian-lts-announce/2021/03/msg00028.html";Assigned (20210303);"None (candidate not yet proposed)";""
+19.0.5;19;0;5;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+11.0.5;11;0;5;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+19.1.4;19;1;4;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+11.1.4;11;1;4;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+19.2.1;19;2;1;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+11.2.1;11;2;1;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+20.0.4;20;0;4;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+12.0.4;12;0;4;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+20.1.3;20;1;3;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+12.1.3;12;1;3;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+21.0.0;21;0;0;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""
+13.0.0;13;0;0;CVE-2021-33894;Candidate;"In Progress MOVEit Transfer before 2019.0.6 (11.0.6); 2019.1.x before 2019.1.5 (11.1.5); 2019.2.x before 2019.2.2 (11.2.2); 2020.x before 2020.0.5 (12.0.5); 2020.1.x before 2020.1.4 (12.1.4); and 2021.x before 2021.0.1 (13.0.1); a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in the MOVEit Transfer web app. This could allow an authenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL; Microsoft SQL Server; or Azure SQL); an attacker may be able to infer information about the structure and contents of the database and/or execute SQL statements that alter or delete database elements.";"CONFIRM:https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-June-2021 | MISC:https://www.progress.com/moveit";Assigned (20210606);"None (candidate not yet proposed)";""