Oracle Mysql Server vulnerabilities
269 known vulnerabilities affecting oracle/mysql_server.
Total CVEs
269
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL7HIGH18MEDIUM228LOW16
Vulnerabilities
Page 9 of 14
CVE-2022-21522MEDIUMCVSS 4.4≤ 8.0.292022-07-19
CVE-2022-21522 [MEDIUM] CVE-2022-21522: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Sup
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthoriz
nvd
CVE-2022-21553MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.292022-07-19
CVE-2022-21553 [MEDIUM] CVE-2022-21553: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21529MEDIUMCVSS 4.9≤ 8.0.292022-07-19
CVE-2022-21529 [MEDIUM] CVE-2022-21529: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21539MEDIUMCVSS 5.0≤ 8.0.292022-07-19
CVE-2022-21539 [MEDIUM] CVE-2022-21539: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert o
nvd
CVE-2022-21556MEDIUMCVSS 6.5≥ 8.0.0, ≤ 8.0.282022-07-19
CVE-2022-21556 [MEDIUM] CVE-2022-21556: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creatio
nvd
CVE-2022-21527MEDIUMCVSS 5.5≤ 8.0.292022-07-19
CVE-2022-21527 [MEDIUM] CVE-2022-21527: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21455MEDIUMCVSS 4.9≤ 8.0.292022-07-19
CVE-2022-21455 [MEDIUM] CVE-2022-21455: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supp
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized
nvd
CVE-2022-21569MEDIUMCVSS 6.5≥ 8.0.0, ≤ 8.0.292022-07-19
CVE-2022-21569 [MEDIUM] CVE-2022-21569: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21530MEDIUMCVSS 4.9≤ 8.0.292022-07-19
CVE-2022-21530 [MEDIUM] CVE-2022-21530: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21538LOWCVSS 3.1≤ 8.0.292022-07-19
CVE-2022-21538 [LOW] CVE-2022-21538: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthoriz
nvd
CVE-2022-27778HIGHCVSS 8.1≤ 5.7.38≥ 8.0.0, ≤ 8.0.292022-06-02
CVE-2022-27778 [HIGH] CWE-706 CVE-2022-27778: A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `-
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
nvd
CVE-2022-1292HIGHCVSS 7.3≥ 5.0.0, ≤ 5.7.38≥ 8.0.0, ≤ 8.0.292022-05-03
CVE-2022-1292 [HIGH] CWE-78 CVE-2022-1292: The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. Th
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete
nvd
CVE-2022-21436MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21436 [MEDIUM] CVE-2022-21436: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21440MEDIUMCVSS 5.5≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21440 [MEDIUM] CVE-2022-21440: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21418MEDIUMCVSS 5.0≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21418 [MEDIUM] CVE-2022-21418: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to caus
nvd
CVE-2022-21438MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21438 [MEDIUM] CVE-2022-21438: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21452MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21452 [MEDIUM] CVE-2022-21452: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21459MEDIUMCVSS 5.5≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21459 [MEDIUM] CVE-2022-21459: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21437MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21437 [MEDIUM] CVE-2022-21437: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability
nvd
CVE-2022-21413MEDIUMCVSS 4.9≥ 8.0.0, ≤ 8.0.282022-04-19
CVE-2022-21413 [MEDIUM] CVE-2022-21413: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to c
nvd