Oracle MySQL vulnerabilities

1,328 known vulnerabilities affecting oracle/mysql.

Total CVEs

1,328

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL12HIGH71MEDIUM1064LOW181

Vulnerabilities

Page 8 of 67

CVE-2023-21876MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.312023-01-18

CVE-2023-21876 [MEDIUM] CVE-2023-21876: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abilit

nvd

CVE-2023-21882LOWCVSS 2.7≥ 8.0.0, ≤ 8.0.312023-01-18

CVE-2023-21882 [LOW] CVE-2023-21882: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, i

nvd

CVE-2022-21600HIGHCVSS 7.2≥ 8.0, ≤ 8.0.272022-10-18

CVE-2022-21600 [HIGH] CVE-2022-21600: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Serv

nvd

CVE-2022-21592MEDIUMCVSS 4.3≥ 5.7.0, ≤ 5.7.39≥ 8.0, ≤ 8.0.292022-10-18

CVE-2022-21592 [MEDIUM] CVE-2022-21592: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability ca

nvd

CVE-2022-21641MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.292022-10-18

CVE-2022-21641 [MEDIUM] CVE-2022-21641: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability

nvd

CVE-2022-21589MEDIUMCVSS 4.3≥ 5.7.0, ≤ 5.7.39≥ 8.0, ≤ 8.0.162022-10-18

CVE-2022-21589 [MEDIUM] CVE-2022-21589: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability ca

nvd

CVE-2022-21594MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21594 [MEDIUM] CVE-2022-21594: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability

nvd

CVE-2022-21599MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21599 [MEDIUM] CVE-2022-21599: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Sup Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized

nvd

CVE-2022-21617MEDIUMCVSS 4.9≥ 5.7.0, ≤ 5.7.39≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21617 [MEDIUM] CVE-2022-21617: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can

nvd

CVE-2022-21604MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21604 [MEDIUM] CVE-2022-21604: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause

nvd

CVE-2022-21611MEDIUMCVSS 4.1≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21611 [MEDIUM] CVE-2022-21611: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.30 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthoriz

nvd

CVE-2022-39408MEDIUMCVSS 6.5≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-39408 [MEDIUM] CVE-2022-39408: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability

nvd

CVE-2022-21625MEDIUMCVSS 4.4≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21625 [MEDIUM] CVE-2022-21625: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized abili

nvd

CVE-2022-21638MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.292022-10-18

CVE-2022-21638 [MEDIUM] CVE-2022-21638: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability

nvd

CVE-2022-21632MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21632 [MEDIUM] CVE-2022-21632: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthor

nvd

CVE-2022-39404MEDIUMCVSS 4.2≤ 1.6.32022-10-18

CVE-2022-39404 [MEDIUM] CVE-2022-39404: Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Suppor Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Supported versions that are affected are 1.6.3 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Installer executes to compromise MySQL Installer. Successful attacks require human interaction f

nvd

CVE-2022-39400MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-39400 [MEDIUM] CVE-2022-39400: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability

nvd

CVE-2022-21605MEDIUMCVSS 4.9≥ 8.0, ≤ 8.0.282022-10-18

CVE-2022-21605 [MEDIUM] CVE-2022-21605: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supp Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized

nvd

CVE-2022-21608MEDIUMCVSS 4.9≥ 5.7.0, ≤ 5.7.39≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-21608 [MEDIUM] CVE-2022-21608: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in

nvd

CVE-2022-39410MEDIUMCVSS 6.5≥ 8.0, ≤ 8.0.302022-10-18

CVE-2022-39410 [MEDIUM] CVE-2022-39410: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability

nvd

← Previous8 / 67Next →