Oracle MySQL vulnerabilities

1,328 known vulnerabilities affecting oracle/mysql.

Total CVEs

1,328

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL12HIGH71MEDIUM1064LOW181

Vulnerabilities

Page 53 of 67

CVE-2014-6494MEDIUMCVSS 4.3≥ 5.5.0, ≤ 5.5.39≥ 5.6.0, ≤ 5.6.202014-10-15

CVE-2014-6494 [MEDIUM] CVE-2014-6494: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.

nvd

CVE-2014-6564MEDIUMCVSS 4.0≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6564 [MEDIUM] CVE-2014-6564: Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated user Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.

nvd

CVE-2014-6559MEDIUMCVSS 4.3≥ 5.5.0, ≤ 5.5.39≥ 5.6.0, ≤ 5.6.202014-10-15

CVE-2014-6559 [MEDIUM] CVE-2014-6559: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.

nvd

CVE-2014-6484MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.38≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6484 [MEDIUM] CVE-2014-6484: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.

nvd

CVE-2014-6520MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.382014-10-15

CVE-2014-6520 [MEDIUM] CVE-2014-6520: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated user Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.

nvd

CVE-2014-4274MEDIUMCVSS 4.1≥ 5.5.0, ≤ 5.5.38≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-4274 [MEDIUM] CVE-2014-4274: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows lo Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.

nvd

CVE-2014-6489MEDIUMCVSS 5.5≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6489 [MEDIUM] CVE-2014-6489: Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated user Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.

nvd

CVE-2014-4287MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.38≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-4287 [MEDIUM] CVE-2014-4287: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows re Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.

nvd

CVE-2014-6530MEDIUMCVSS 6.5≥ 5.5.0, ≤ 5.5.38≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6530 [MEDIUM] CVE-2014-6530: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.

nvd

CVE-2014-6507MEDIUMCVSS 4.3≥ 5.5.0, ≤ 5.5.39≥ 5.6.0, ≤ 5.6.202014-10-15

CVE-2014-6507 [MEDIUM] CVE-2014-6507: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

nvd

CVE-2014-6555MEDIUMCVSS 6.5≥ 5.5.0, ≤ 5.5.39≥ 5.6.0, ≤ 5.6.202014-10-15

CVE-2014-6555 [MEDIUM] CVE-2014-6555: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows re Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

nvd

CVE-2014-6495MEDIUMCVSS 4.3≥ 5.5.0, ≤ 5.5.38≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6495 [MEDIUM] CVE-2014-6495: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.

nvd

CVE-2014-6469MEDIUMCVSS 6.8≥ 5.5.0, ≤ 5.5.39≥ 5.6.0, ≤ 5.6.202014-10-15

CVE-2014-6469 [MEDIUM] CVE-2014-6469: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows re Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.

nvd

CVE-2014-6496MEDIUMCVSS 4.3≥ 5.5.0, ≤ 5.5.39≥ 5.6.0, ≤ 5.6.202014-10-15

CVE-2014-6496 [MEDIUM] CVE-2014-6496: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.

nvd

CVE-2014-6464MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.39≥ 5.6.0, ≤ 5.6.202014-10-15

CVE-2014-6464 [MEDIUM] CVE-2014-6464: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows re Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.

nvd

CVE-2014-6463LOWCVSS 3.3≥ 5.5.0, ≤ 5.5.38≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6463 [LOW] CVE-2014-6463: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows re Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.

nvd

CVE-2014-6474LOWCVSS 3.5≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6474 [LOW] CVE-2014-6474: Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated user Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.

nvd

CVE-2014-6551LOWCVSS 2.1≥ 5.5.0, ≤ 5.5.38≥ 5.6.0, ≤ 5.6.192014-10-15

CVE-2014-6551 [LOW] CVE-2014-6551: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows lo Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

nvd

CVE-2014-2484MEDIUMCVSS 6.5≤ 5.6.17v5.6.0+16 more2014-07-17

CVE-2014-2484 [MEDIUM] CVE-2014-2484: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

nvd

CVE-2014-2494MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.372014-07-17

CVE-2014-2494 [MEDIUM] CVE-2014-2494: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.

nvd

← Previous53 / 67Next →