Vulnerabilities > Mariadb > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-10-25 CVE-2016-3492 Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
network
low complexity
oracle mariadb redhat
6.5
6.5
2016-07-21 CVE-2016-5440 Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.
network
low complexity
ibm mariadb oracle debian canonical redhat
4.9
4.9
2016-07-21 CVE-2016-3615 Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.
network
high complexity
oracle mariadb ibm debian canonical
5.3
5.3
2016-07-21 CVE-2016-3521 Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.
network
low complexity
ibm mariadb oracle debian canonical
6.5
6.5
2016-07-21 CVE-2016-3459 Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.
network
low complexity
mariadb oracle
4.9
4.9
2016-05-16 CVE-2015-3152 Improper Certificate Validation vulnerability in multiple products
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
network
high complexity
oracle mariadb fedoraproject debian redhat php CWE-295
5.9
5.9
2016-04-21 CVE-2016-0668 Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
local
high complexity
oracle mariadb debian suse opensuse canonical
4.1
4.1
2016-04-21 CVE-2016-0666 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
local
low complexity
redhat debian mariadb oracle opensuse ibm
5.5
5.5
2016-04-21 CVE-2016-0655 Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
local
high complexity
mariadb debian opensuse oracle redhat
4.7
4.7
2016-04-21 CVE-2016-0651 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
local
low complexity
oracle mariadb suse opensuse redhat
5.5
5.5