Oracle MySQL vulnerabilities
1,328 known vulnerabilities affecting oracle/mysql.
Total CVEs
1,328
CISA KEV
0
Public exploits
50
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH71MEDIUM1064LOW181
Vulnerabilities
Page 47 of 67
CVE-2016-0661MEDIUMCVSS 4.7≥ 5.6.0, ≤ 5.6.28≥ 5.7.0, ≤ 5.7.102016-04-21
CVE-2016-0661 [MEDIUM] CVE-2016-0661: Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local use
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.
nvd
CVE-2016-0658MEDIUMCVSS 5.5≤ 5.7.102016-04-21
CVE-2016-0658 [MEDIUM] CVE-2016-0658: Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer.
nvd
CVE-2016-0646MEDIUMCVSS 5.5≥ 5.5.0, ≤ 5.5.47≥ 5.6.0, ≤ 5.6.28+1 more2016-04-21
CVE-2016-0646 [MEDIUM] CVE-2016-0646: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and ear
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.
nvd
CVE-2016-0642MEDIUMCVSS 4.7≥ 5.5.0, ≤ 5.5.48≥ 5.6.0, ≤ 5.6.29+1 more2016-04-21
CVE-2016-0642 [MEDIUM] CVE-2016-0642: Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and ear
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
nvd
CVE-2016-0653MEDIUMCVSS 5.5≤ 5.7.102016-04-21
CVE-2016-0653 [MEDIUM] CVE-2016-0653: Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS.
nvd
CVE-2016-0668MEDIUMCVSS 4.1≥ 5.6.0, ≤ 5.6.28≥ 5.7.0, ≤ 5.7.102016-04-21
CVE-2016-0668 [MEDIUM] CVE-2016-0668: Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
nvd
CVE-2016-0652MEDIUMCVSS 5.5≤ 5.7.102016-04-21
CVE-2016-0652 [MEDIUM] CVE-2016-0652: Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML.
nvd
CVE-2016-0656MEDIUMCVSS 5.5≤ 5.7.102016-04-21
CVE-2016-0656 [MEDIUM] CVE-2016-0656: Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654.
nvd
CVE-2016-0654MEDIUMCVSS 5.5≤ 5.7.102016-04-21
CVE-2016-0654 [MEDIUM] CVE-2016-0654: Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0656.
nvd
CVE-2016-0659MEDIUMCVSS 5.5≤ 5.7.112016-04-21
CVE-2016-0659 [MEDIUM] CVE-2016-0659: Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Optimizer.
nvd
CVE-2016-0651MEDIUMCVSS 5.5≥ 5.5.0, ≤ 5.5.462016-04-21
CVE-2016-0651 [MEDIUM] CVE-2016-0651: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
nvd
CVE-2016-0667MEDIUMCVSS 4.4≤ 5.7.112016-04-21
CVE-2016-0667 [MEDIUM] CVE-2016-0667: Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.
nvd
CVE-2016-0662MEDIUMCVSS 5.5≤ 5.7.112016-04-21
CVE-2016-0662 [MEDIUM] CVE-2016-0662: Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availabili
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition.
nvd
CVE-2016-0641MEDIUMCVSS 5.1≥ 5.5.0, ≤ 5.5.47≥ 5.6.0, ≤ 5.6.28+1 more2016-04-21
CVE-2016-0641 [MEDIUM] CVE-2016-0641: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and ear
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.
nvd
CVE-2016-0665MEDIUMCVSS 5.5≥ 5.6.0, ≤ 5.6.28≥ 5.7.0, ≤ 5.7.102016-04-21
CVE-2016-0665 [MEDIUM] CVE-2016-0665: Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local use
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.
nvd
CVE-2016-0640MEDIUMCVSS 6.1≥ 5.5.0, ≤ 5.5.47≥ 5.6.0, ≤ 5.6.28+1 more2016-04-21
CVE-2016-0640 [MEDIUM] CVE-2016-0640: Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and ear
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
nvd
CVE-2016-0643LOWCVSS 3.3≥ 5.5.0, ≤ 5.5.48≥ 5.6.0, ≤ 5.6.29+1 more2016-04-21
CVE-2016-0643 [LOW] CVE-2016-0643: Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and ear
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.
nvd
CVE-2016-0705CRITICALCVSS 9.8≥ 5.6.0, ≤ 5.6.29≥ 5.7.0, ≤ 5.7.112016-03-03
CVE-2016-0705 [CRITICAL] CVE-2016-0705: Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.
nvd
CVE-2016-2047MEDIUMCVSS 5.9≥ 5.5.0, ≤ 5.5.48≥ 5.6.0, ≤ 5.6.29+1 more2016-01-27
CVE-2016-2047 [MEDIUM] CWE-254 CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 1
The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName
nvd
CVE-2016-0546HIGHCVSS 7.2≥ 5.5.0, ≤ 5.5.46≥ 5.6.0, ≤ 5.6.27+1 more2016-01-21
CVE-2016-0546 [HIGH] CVE-2016-0546: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and Mari
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commen
nvd