Oracle MySQL vulnerabilities
1,328 known vulnerabilities affecting oracle/mysql.
Total CVEs
1,328
CISA KEV
0
Public exploits
50
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH71MEDIUM1064LOW181
Vulnerabilities
Page 32 of 67
CVE-2019-2587MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2587 [MEDIUM] CVE-2019-2587: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abi
nvd
CVE-2018-3123MEDIUMCVSS 5.9≥ 5.6.0, ≤ 5.6.42≥ 5.7.0, ≤ 5.7.24+1 more2019-04-23
CVE-2018-3123 [MEDIUM] CVE-2018-3123: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vul
nvd
CVE-2019-2614MEDIUMCVSS 4.4≥ 5.6.0, ≤ 5.6.43≥ 5.7.0, ≤ 5.7.25+1 more2019-04-23
CVE-2019-2614 [MEDIUM] CVE-2019-2614: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Sup
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this v
nvd
CVE-2019-2686MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2686 [MEDIUM] CVE-2019-2686: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abi
nvd
CVE-2019-2689MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2689 [MEDIUM] CVE-2019-2689: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abi
nvd
CVE-2019-2630MEDIUMCVSS 4.4≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2630 [MEDIUM] CVE-2019-2630: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Sup
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized
nvd
CVE-2019-2566MEDIUMCVSS 4.9≥ 5.7.0, ≤ 5.7.25≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2566 [MEDIUM] CVE-2019-2566: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). S
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can r
nvd
CVE-2019-2596MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2596 [MEDIUM] CVE-2019-2596: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abi
nvd
CVE-2019-2636MEDIUMCVSS 4.4≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2636 [MEDIUM] CVE-2019-2636: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Group Replication
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Group Replication Plugin). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via MySQL Procotol to compromise MySQL Server. Successful attacks of this vulnerability can result in una
nvd
CVE-2019-2628MEDIUMCVSS 4.9≥ 5.7.0, ≤ 5.7.25≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2628 [MEDIUM] CVE-2019-2628: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versio
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauth
nvd
CVE-2019-2683MEDIUMCVSS 4.9≥ 5.6.0, ≤ 5.6.43≥ 5.7.0, ≤ 5.7.25+1 more2019-04-23
CVE-2019-2683 [MEDIUM] CVE-2019-2683: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Support
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnera
nvd
CVE-2019-2584MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2584 [MEDIUM] CVE-2019-2584: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privile
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unaut
nvd
CVE-2019-2693MEDIUMCVSS 6.5≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2693 [MEDIUM] CVE-2019-2693: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abil
nvd
CVE-2019-2585MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.152019-04-23
CVE-2019-2585 [MEDIUM] CVE-2019-2585: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versio
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cau
nvd
CVE-2019-1559MEDIUMCVSS 5.9≥ 5.6.0, ≤ 5.6.43≥ 5.7.0, ≤ 5.7.25+1 more2019-02-27
CVE-2019-1559 [MEDIUM] CWE-203 CVE-2019-1559: If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to sen
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behave
nvd
CVE-2019-7317MEDIUMCVSS 5.3fixed in 8.0.232019-02-04
CVE-2019-7317 [MEDIUM] CWE-416 CVE-2019-7317: png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_fu
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
nvd
CVE-2019-2534HIGHCVSS 7.1≥ 5.6.0, ≤ 5.6.42≥ 5.7.0, ≤ 5.7.24+1 more2019-01-16
CVE-2019-2534 [HIGH] CVE-2019-2534: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Sup
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulner
nvd
CVE-2019-2529MEDIUMCVSS 6.5≥ 5.6.0, ≤ 5.6.42≥ 5.7.0, ≤ 5.7.24+1 more2019-01-16
CVE-2019-2529 [MEDIUM] CVE-2019-2529: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulner
nvd
CVE-2019-2495MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.132019-01-16
CVE-2019-2495 [MEDIUM] CVE-2019-2495: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported v
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability t
nvd
CVE-2019-2528MEDIUMCVSS 4.9≥ 5.7.0, ≤ 5.7.24≥ 8.0.0, ≤ 8.0.132019-01-16
CVE-2019-2528 [MEDIUM] CVE-2019-2528: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Suppo
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can resul
nvd