Vulnerabilities > Mariadb > Mariadb > 10.0.26
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-27 | CVE-2017-3257 | Improper Privilege Management vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). | 4.0 |
| 2017-01-27 | CVE-2017-3244 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 4.0 |
| 2017-01-27 | CVE-2017-3243 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). | 4.4 |
| 2017-01-27 | CVE-2017-3238 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
| 2016-12-13 | CVE-2016-6664 | Link Following vulnerability in multiple products mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files. | 7.0 |
| 2016-12-13 | CVE-2016-6663 | Race Condition vulnerability in multiple products Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table. | 4.4 |
| 2016-12-13 | CVE-2016-7440 | The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. | 5.5 |
| 2016-10-25 | CVE-2016-8283 | Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. | 4.0 |
| 2016-10-25 | CVE-2016-5630 | Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | 4.0 |
| 2016-10-25 | CVE-2016-5629 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. | 4.0 |