10.0.5

DATE	CVE	VULNERABILITY TITLE	RISK
2014-05-06	CVE-2014-0198	NULL Pointer Dereference vulnerability in multiple products The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. network openssl mariadb fedoraproject debian opensuse suse CWE-476	4.3
2014-04-16	CVE-2014-2440	Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. network high complexity oracle mariadb redhat	5.1
2014-04-16	CVE-2014-2438	Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. network oracle mariadb redhat	3.5
2014-04-16	CVE-2014-2436	Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. network low complexity oracle mariadb redhat	6.5
2014-04-16	CVE-2014-2432	Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. network oracle redhat mariadb	2.8
2014-04-16	CVE-2014-2430	Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. network oracle mariadb redhat	3.5
2014-04-16	CVE-2014-2419	Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. network low complexity oracle mariadb redhat	4.0
2014-04-16	CVE-2014-0384	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. network low complexity oracle mariadb redhat	4.0
2014-04-14	CVE-2010-5298	Race Condition vulnerability in multiple products Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. network high complexity openssl mariadb fedoraproject suse CWE-362	4.0
2014-01-15	CVE-2014-0437	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. network oracle debian canonical mariadb redhat	3.5