Vulnerabilities > Mariadb > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-01-27 CVE-2017-3317 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging).
local
high complexity
oracle debian redhat mariadb
4.0
2017-01-27 CVE-2017-3313 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM).
local
high complexity
oracle debian canonical redhat mariadb
4.7
2017-01-27 CVE-2017-3265 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). 4.9
2017-01-27 CVE-2017-3258 Improper Input Validation vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle mariadb debian redhat CWE-20
4.0
2017-01-27 CVE-2017-3257 Improper Privilege Management vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).
network
low complexity
oracle mariadb debian CWE-269
4.0
2017-01-27 CVE-2017-3244 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian mariadb redhat
4.0
2017-01-27 CVE-2017-3243 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets).
network
high complexity
oracle mariadb debian redhat
4.4
2017-01-27 CVE-2017-3238 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian mariadb redhat
4.0
2016-12-13 CVE-2016-6663 Race Condition vulnerability in multiple products
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
4.4
2016-12-13 CVE-2016-7440 The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
local
low complexity
mariadb oracle wolfssl debian
5.5