Mysql

DATE	CVE	VULNERABILITY TITLE	RISK
2017-01-27	CVE-2017-3243	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). network high complexity oracle mariadb debian redhat	4.4
2017-01-27	CVE-2017-3238	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle debian mariadb redhat	6.5
2017-01-27	CVE-2016-8327	Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network high complexity oracle	4.4
2017-01-27	CVE-2016-8318	Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). network low complexity oracle	6.8
2016-12-13	CVE-2016-6664	Link Following vulnerability in multiple products mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files. local high complexity oracle mariadb percona CWE-59	7.0
2016-12-13	CVE-2016-6663	Race Condition vulnerability in multiple products Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table. local high complexity oracle percona mariadb CWE-362	7.0
2016-12-13	CVE-2016-7440	The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. local low complexity mariadb oracle wolfssl debian	5.5
2016-10-25	CVE-2016-8290	Unspecified vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633. network high complexity oracle	4.4
2016-10-25	CVE-2016-8289	Permissions, Privileges, and Access Controls vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. local high complexity oracle CWE-264	4.7
2016-10-25	CVE-2016-8288	Improper Access Control vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin. network high complexity oracle CWE-284	3.1