Oracle MySQL vulnerabilities

1,328 known vulnerabilities affecting oracle/mysql.

Total CVEs

1,328

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL12HIGH71MEDIUM1064LOW181

Vulnerabilities

Page 18 of 67

CVE-2021-2308LOWCVSS 2.7≥ 8.0.0, ≤ 8.0.232021-04-22

CVE-2021-2308 [LOW] CVE-2021-2308: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). S Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized re

nvd

CVE-2021-2232LOWCVSS 1.9≥ 8.0.0, ≤ 8.0.232021-04-22

CVE-2021-2232 [LOW] CVE-2021-2232: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plug Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can

nvd

CVE-2021-2301LOWCVSS 2.7≥ 8.0.0, ≤ 8.0.232021-04-22

CVE-2021-2301 [LOW] CVE-2021-2301: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). S Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized re

nvd

CVE-2021-2056MEDIUMCVSS 4.4≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2056 [MEDIUM] CVE-2021-2056: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to c

nvd

CVE-2021-2072MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2072 [MEDIUM] CVE-2021-2072: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Sup Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized a

nvd

CVE-2021-2012MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.202021-01-20

CVE-2021-2012 [MEDIUM] CVE-2021-2012: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthoriz

nvd

CVE-2021-2024MEDIUMCVSS 6.5≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2024 [MEDIUM] CVE-2021-2024: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to

nvd

CVE-2021-2036MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2036 [MEDIUM] CVE-2021-2036: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability t

nvd

CVE-2021-2028MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.212021-01-20

CVE-2021-2028 [MEDIUM] CVE-2021-2028: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a

nvd

CVE-2021-2038MEDIUMCVSS 4.4≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2038 [MEDIUM] CVE-2021-2038: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthoriz

nvd

CVE-2021-2020MEDIUMCVSS 6.5≥ 8.0.0, ≤ 8.0.202021-01-20

CVE-2021-2020 [MEDIUM] CVE-2021-2020: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to

nvd

CVE-2021-2060MEDIUMCVSS 4.9≥ 5.6.0, ≤ 5.6.50≥ 5.7.0, ≤ 5.7.32+1 more2021-01-20

CVE-2021-2060 [MEDIUM] CVE-2021-2060: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabili

nvd

CVE-2021-2016MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.192021-01-20

CVE-2021-2016 [MEDIUM] CVE-2021-2016: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability t

nvd

CVE-2021-2022MEDIUMCVSS 4.4≥ 5.6.0, ≤ 5.6.50≥ 5.7.0, ≤ 5.7.32+1 more2021-01-20

CVE-2021-2022 [MEDIUM] CVE-2021-2022: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can r

nvd

CVE-2021-2087MEDIUMCVSS 4.4≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2087 [MEDIUM] CVE-2021-2087: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthori

nvd

CVE-2021-2014MEDIUMCVSS 4.9≥ 5.7.0, ≤ 5.7.322021-01-20

CVE-2021-2014 [MEDIUM] CVE-2021-2014: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supp Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 5.7.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ab

nvd

CVE-2021-2048MEDIUMCVSS 5.0≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2048 [MEDIUM] CVE-2021-2048: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause

nvd

CVE-2021-2002MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2002 [MEDIUM] CVE-2021-2002: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supporte Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abilit

nvd

CVE-2021-2021MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2021 [MEDIUM] CVE-2021-2021: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability t

nvd

CVE-2021-2122MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.222021-01-20

CVE-2021-2122 [MEDIUM] CVE-2021-2122: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versio Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cau

nvd

← Previous18 / 67Next →