Vulnerabilities > Mariadb > Mariadb > 5.5.50

DATE CVE VULNERABILITY TITLE RISK
2016-12-13 CVE-2016-7440 The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
local
low complexity
mariadb oracle wolfssl debian
5.5
5.5
2016-10-25 CVE-2016-8283 Remote Security vulnerability in Oracle MySQL
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
network
low complexity
oracle mariadb
4.0
4.0
2016-10-25 CVE-2016-5629 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
network
low complexity
oracle mariadb redhat
4.0
4.0
2016-10-25 CVE-2016-5626 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
network
low complexity
oracle mariadb redhat
4.0
4.0
2016-10-25 CVE-2016-5624 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
network
low complexity
oracle mariadb redhat
4.0
4.0
2016-10-25 CVE-2016-5612 Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
network
low complexity
oracle mariadb redhat
4.0
4.0
2016-10-25 CVE-2016-5584 Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
network
high complexity
oracle mariadb debian
4.4
4.4
2016-10-25 CVE-2016-3492 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
network
low complexity
oracle mariadb redhat
6.8
6.8
2016-09-20 CVE-2016-6662 Permissions, Privileges, and Access Controls vulnerability in multiple products
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration.
network
low complexity
oracle percona mariadb debian redhat CWE-264
critical
 10.0
10
2005-04-14 CVE-2005-0004 Link Following vulnerability in multiple products
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
local
low complexity
oracle debian mariadb CWE-59
4.6
4.6