Oracle MySQL vulnerabilities
1,328 known vulnerabilities affecting oracle/mysql.
Total CVEs
1,328
CISA KEV
0
Public exploits
50
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH71MEDIUM1064LOW181
Vulnerabilities
Page 20 of 67
CVE-2021-2042LOWCVSS 2.3≥ 8.0.0, ≤ 8.0.212021-01-20
CVE-2021-2042 [LOW] CVE-2021-2042: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read
nvd
CVE-2020-1971MEDIUMCVSS 5.9≤ 8.0.222020-12-08
CVE-2020-1971 [MEDIUM] CWE-476 CVE-2020-1971: The X.509 GeneralName type is a generic type for representing different types of names. One of those
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A
nvd
CVE-2020-14878HIGHCVSS 8.0≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14878 [HIGH] CVE-2020-14878: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Succ
nvd
CVE-2020-14828HIGHCVSS 7.2≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14828 [HIGH] CVE-2020-14828: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. C
nvd
CVE-2020-14821MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14821 [MEDIUM] CVE-2020-14821: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause
nvd
CVE-2020-14893MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14893 [MEDIUM] CVE-2020-14893: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2020-14839MEDIUMCVSS 4.9≤ 8.0.212020-10-21
CVE-2020-14839 [MEDIUM] CVE-2020-14839: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2020-14861MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14861 [MEDIUM] CVE-2020-14861: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2020-14866MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14866 [MEDIUM] CVE-2020-14866: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2020-14800MEDIUMCVSS 6.5≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14800 [MEDIUM] CVE-2020-14800: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthori
nvd
CVE-2020-14793MEDIUMCVSS 4.9≥ 5.6.0, ≤ 5.6.49≥ 5.7.0, ≤ 5.7.31+1 more2020-10-21
CVE-2020-14793 [MEDIUM] CVE-2020-14793: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabi
nvd
CVE-2020-14836MEDIUMCVSS 6.5≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14836 [MEDIUM] CVE-2020-14836: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2020-14786MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14786 [MEDIUM] CVE-2020-14786: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported version
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to ca
nvd
CVE-2020-14760MEDIUMCVSS 5.5≤ 5.7.312020-10-21
CVE-2020-14760 [MEDIUM] CVE-2020-14760: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2020-14776MEDIUMCVSS 4.9≥ 5.7.0, ≤ 5.7.31≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14776 [MEDIUM] CVE-2020-14776: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthori
nvd
CVE-2020-14870MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14870 [MEDIUM] CVE-2020-14870: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported v
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2020-14867MEDIUMCVSS 4.4≥ 5.6.0, ≤ 5.6.49≥ 5.7.0, ≤ 5.7.31+1 more2020-10-21
CVE-2020-14867 [MEDIUM] CVE-2020-14867: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versio
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabilit
nvd
CVE-2020-14769MEDIUMCVSS 6.5≥ 5.6.0, ≤ 5.6.49≥ 5.7.0, ≤ 5.7.31+1 more2020-10-21
CVE-2020-14769 [MEDIUM] CVE-2020-14769: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabil
nvd
CVE-2020-14775MEDIUMCVSS 6.5≥ 5.7.0, ≤ 5.7.31≥ 8.0.0, ≤ 8.0.212020-10-21
CVE-2020-14775 [MEDIUM] CVE-2020-14775: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthoriz
nvd
CVE-2020-14765MEDIUMCVSS 6.5≥ 5.6.0, ≤ 5.6.49≥ 5.7.0, ≤ 5.7.31+1 more2020-10-21
CVE-2020-14765 [MEDIUM] CVE-2020-14765: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versio
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability c
nvd